VYPR

CWE-1268

Policy Privileges are not Assigned Consistently Between Control and Data Agents

BaseDraft

Description

The product's hardware-enforced access control for a particular resource improperly accounts for privilege discrepancies between control and write policies.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-180

CVEs mapped to this weakness (1)

  • CVE-2026-5892MedApr 8, 2026
    risk 0.43cvss 6.6epss 0.00

    Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. (Chromium security severity: Medium)