CWE-863 flaws
2,110 results

CVE-2026-32717 | LOW | AnythingLLM access control bypass: suspended users can continue using Browser Extension API keys | EPSS 0.2%
CVE-2026-3115 | MEDIUM | Guest users can view group member IDs without respecting view restrictions | EPSS 0.2%
CVE-2026-41232 | MEDIUM | Froxlor has an Email Sender Alias Domain Ownership Bypass via Wrong Array Index that Allows Cross-Customer Email Spoofing | EPSS 0.2%
CVE-2022-34397 | MEDIUM | Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 10.0.0.5 and below contains an authorization bypass | EPSS 0.2%
CVE-2026-40515 | HIGH | OpenHarness Permission Bypass via grep and glob root argument | EPSS 0.2%
CVE-2025-31227 | MEDIUM | A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker with physical access to a dev | EPSS 0.2%
CVE-2025-10908 | HIGH | Account Lock Bypass via Magic Link or Pass Key Authentication in WSO2 Identity Server Allows Unauthorized Access | EPSS 0.2%
CVE-2023-6400 | HIGH | Incorrect user authorization vulnerability on OpenText ZENworks Configuration Management (ZCM) product. | EPSS 0.2%
CVE-2026-44567 | HIGH | Open WebUI: Open WebUI Improper Authorization Control | EPSS 0.2%
CVE-2026-29195 | MEDIUM | Netmaker: Privilege Escalation from Admin to Super-Admin via User Update | EPSS 0.2%
CVE-2025-41423 | LOW | Unauthorized Playbooks Post Deletion in Mattermost Playbooks Plugin | EPSS 0.2%
CVE-2025-27213 | MEDIUM | An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug B | EPSS 0.2%
CVE-2026-54358 | HIGH | MISP organization administrators can target site administrator accounts for password reset | EPSS 0.2%
CVE-2025-2564 | MEDIUM | Unauthorized View Access to Archived Channel Member Info | EPSS 0.2%
CVE-2024-22316 | MEDIUM | IBM Sterling File Gateway improper access control | EPSS 0.2%
CVE-2026-26274 | MEDIUM | October: Safe Mode Bypass via Twig Database Write Operations | EPSS 0.2%
CVE-2026-33249 | MEDIUM | NATS: Message tracing can be redirected to arbitrary subject | EPSS 0.2%
CVE-2026-2465 | HIGH | Improper Authorization in E-Kalite's Turboard FOR-S | EPSS 0.2%
CVE-2024-40855 | MEDIUM | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2 | EPSS 0.2%
CVE-2025-12621 | MEDIUM | Flexible Refund and Return Order for WooCommerce <= 1.0.42 - Incorrect Authorization to Authenticated (Contributor+) Refund Status Update | EPSS 0.2%