Falhas do tipo CWE-862

6.961 resultados
CVE-2026-59796HIGHIn JetBrains TeamCity before 2026.1.2 pipeline modification was possible due to improper permission checksEPSS 0.2%CVE-2026-14373HIGHNomad Docker driver Linux host namespace bypassEPSS 0.2%CVE-2025-68837MEDIUMWordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-57429MEDIUMWordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-14361HIGHWordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Settings Change vulnerabilityEPSS 0.2%CVE-2026-7249MEDIUMLocation Weather <= 3.0.2 - Missing Authorization to Authenticated (Contributor+) Block Settings Modification and Cache PurgingEPSS 0.2%CVE-2025-69388MEDIUMWordPress Cliengo – Chatbot plugin <= 3.0.4 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-66532MEDIUMWordPress Powerlift theme < 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-0067MEDIUMMissing Authorization check in SAP NetWeaver Application Server JavaEPSS 0.2%CVE-2026-41128MEDIUMCraft CMS has a Missing Authorization Check on User Group Removal via save-permissions ActionEPSS 0.2%CVE-2025-60096MEDIUMWordPress TheGem (Elementor) Theme <= 5.10.5 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2026-57521MEDIUMBitwarden Server < 2026.5.0 Broken Access Control via PreviewInvoiceControllerEPSS 0.2%CVE-2023-40679MEDIUMWordPress Master Elementor Addons plugin <= 2.0.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-0548MEDIUMTutor LMS – eLearning and online course solution <= 3.9.4 - Missing Authorization to Authenticated (Subscriber+) Limited Attachment DeletionEPSS 0.2%CVE-2025-3780MEDIUMWCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible <= 6.7.16 - Missing Authorization to Unauthenticated Plugin Settings ModificationEPSS 0.2%CVE-2025-22673MEDIUMWordPress EAN Barcode Generator <= 5.3.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2022-3322MEDIUMLock WARP switch bypass on WARP mobile client using iOS quick actionEPSS 0.2%CVE-2025-49221LOWUnauthenticated Access to Channel Subscription in Mattermost Confluence PluginEPSS 0.2%CVE-2025-58004MEDIUMWordPress DriCub Theme <= 2.9 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-58685MEDIUMWordPress Cecabank WooCommerce plugin plugin <= 0.3.4 - Broken Access Control vulnerabilityEPSS 0.2%