CWE-863 flaws

2,102 results
CVE-2026-32005 | HIGH | OpenClaw < 2026.2.25 - Authorization Bypass in Interactive Callbacks via Sender Check Skip | EPSS 0.3%
CVE-2026-26328 | MEDIUM | OpenClaw iMessage group allowlist authorization inherited DM pairing-store identities | EPSS 0.3%
CVE-2026-48794 | LOW | Authelia has an Edge Case Access Control Rule Mismatch | EPSS 0.3%
CVE-2026-42422 | HIGH | OpenClaw < 2026.4.8 - Role Bypass in device.token.rotate Function | EPSS 0.3%
CVE-2026-42426 | HIGH | OpenClaw < 2026.4.8 - Improper Authorization in node.pair.approve via operator.write Scope | EPSS 0.3%
CVE-2026-33461 | HIGH | Incorrect Authorization in Kibana Fleet Leading to Information Disclosure | EPSS 0.3%
CVE-2026-23513 | HIGH | FOSSBilling: Broken Authorization in Client Transaction and Order Listings | EPSS 0.3%
CVE-2026-23632 | MEDIUM | Gogs user can update repository content with read-only permission | EPSS 0.3%
CVE-2024-36365 | MEDIUM | In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent | EPSS 0.3%
CVE-2022-42788 | MEDIUM | A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Ventura 13. A malici | EPSS 0.3%
CVE-2026-28715 | MEDIUM | Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, | EPSS 0.3%
CVE-2026-28473 | HIGH | OpenClaw < 2026.2.2 - Authorization Bypass via /approve Chat Command | EPSS 0.3%
CVE-2026-56268 | MEDIUM | Flowise - Cross-Workspace Information Disclosure via chatflows/apikey Endpoint | EPSS 0.3%
CVE-2023-41077 | MEDIUM | An app may be able to access protected user data. This issue is fixed in macOS Sonoma 14, macOS Ventura 13.6.1. The issue was addressed with | EPSS 0.3%
CVE-2025-12082 | HIGH | CivicTheme Design System - Moderately critical - Information disclosure - SA-CONTRIB-2025-112 | EPSS 0.3%
CVE-2025-27602 | MEDIUM | Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content | EPSS 0.3%
CVE-2026-25561 | HIGH | WeKan < 8.19 Attachment Upload Object Relationship Validation Bypass | EPSS 0.3%
CVE-2024-42000 | LOW | Unauthorized Access to view channels' details | EPSS 0.3%
CVE-2026-45002 | MEDIUM | OpenClaw < 2026.4.20 - Hook Session-Key Bypass via Template Mapping | EPSS 0.3%
CVE-2025-41346 | CRITICAL | Stored Cross-Site Scripting (XSS) in WinPlus by Informática del Este | EPSS 0.3%