VYPR

CWE-266

Incorrect Privilege Assignment

Abstraction: Base | Status: Draft

Description

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Hierarchy (View 1000)

CVEs mapped to this weakness (593)

page 13 of 30
  • CVE-2026-4824 | High | Mar 25, 2026
    risk 0.46 | cvss 7.0 | epss 0.00

    A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out…

  • CVE-2025-8758 | High | Aug 9, 2025
    risk 0.46 | cvss 7.0 | epss 0.00

    A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather…

  • CVE-2025-8757 | High | Aug 9, 2025
    risk 0.46 | cvss 7.0 | epss 0.00

    A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is…

  • CVE-2025-5791 | High | Jun 6, 2025
    risk 0.46 | cvss 7.1 | epss 0.00

    A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.

  • CVE-2025-0131 | High | May 14, 2025
    risk 0.46 | cvss (not listed) | epss 0.00

    An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT…

  • CVE-2025-0628 | High | Mar 20, 2025
    risk 0.46 | cvss 8.1 | epss 0.00

    An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the application, they are provided with an overly privileged API key. This key can be used to access all the admin…

  • CVE-2025-43001 | Medium | Jul 8, 2025
    risk 0.45 | cvss 6.9 | epss 0.00

    SAPCAR allows an attacker logged in with high privileges to override the permissions of the current and parent directories of the user or process extracting the archive, leading to privilege escalation. On successful exploitation, an attacker could modify the critical files by…

  • CVE-2025-42992 | Medium | Jul 8, 2025
    risk 0.45 | cvss 6.9 | epss 0.00

    SAPCAR allows an attacker logged in with high privileges to create a malicious SAR archive in SAPCAR. This could enable the attacker to exploit critical files and directory permissions without breaking signature validation, resulting in potential privilege escalation. This has…

  • CVE-2025-2179 | Medium | Jul 29, 2025
    risk 0.44 | cvss (not listed) | epss 0.00

    An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The…

  • CVE-2025-0140 | Medium | Jul 9, 2025
    risk 0.44 | cvss (not listed) | epss 0.00

    An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The…

  • CVE-2025-27028 | Medium | Jul 9, 2025
    risk 0.44 | cvss 6.8 | epss 0.00

    The Linux deprivileged user vpuser in Radiflow iSAP Smart Collector (CentOS 7 - VSAP 1.20) can read the entire file system content, including files belonging to other users and having restricted access (like, for example, the root password hash).

  • CVE-2025-48741 | Medium | May 23, 2025
    risk 0.44 | cvss (not listed) | epss 0.00

    A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote, authenticated, and unprivileged users to retrieve alerts, cases, logs, observables, or tasks, regardless of the user's permissions,…

  • CVE-2025-4692 | Medium | May 23, 2025
    risk 0.44 | cvss 6.8 | epss 0.00

    Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exposed on the cloud platform. If the exploit is successful, the user can escalate privileges to access…

  • CVE-2026-27102 | Medium | Apr 8, 2026
    risk 0.43 | cvss 6.6 | epss 0.00

    Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.1, contains an incorrect privilege assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of…

  • CVE-2024-38278 | Medium | Jul 9, 2024
    risk 0.43 | cvss 6.6 | epss 0.00

    A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.9.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.9.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V5.X (All versions <…

  • CVE-2026-10272 | Medium | Jun 1, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    A vulnerability has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The impacted element is an unknown function of the file admin/deleteform.php. Such manipulation of the argument sid leads to improper authorization. It is possible to…

  • CVE-2026-35062 | Medium | May 13, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    An authenticated iControl SOAP user may be able to obtain information of other accounts. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

  • CVE-2026-43510 | High | May 7, 2026
    risk 0.42 | cvss 7.6 | epss 0.00

    manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30.

  • CVE-2026-40869 | High | Apr 21, 2026
    risk 0.42 | cvss 7.5 | epss 0.00

    Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerability allows any registered and authenticated user to accept or reject any amendments. The impact is on any users who have created proposals where the…

  • CVE-2026-5330 | Medium | Apr 2, 2026
    risk 0.42 | cvss 6.5 | epss 0.00

    A vulnerability was found in SourceCodester/mayuri_k Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_user of the component User Delete Handler. Performing a manipulation of the argument ID results in…