VYPR

CWE-276

Incorrect Default Permissions

Abstraction: Base · Status: Draft · Likelihood: Medium

Description

During installation, installed file permissions are set to allow anyone to modify those files.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-127 · CAPEC-81

CVEs mapped to this weakness (474)

page 18 of 24
  • CVE-2024-23253 · Low · Mar 8, 2024
    risk 0.21 · cvss 3.3 · epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.4. An app may be able to access a user's Photos Library.

  • CVE-2026-27680 · Low · May 14, 2026
    risk 0.20 · cvss 3.1 · epss 0.00

    Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets (CSS) data into a web page served by the application. When a user accesses or clicks the affected page, the injected CSS is…

  • CVE-2025-1699 · Low · Jun 11, 2025
    risk 0.18 · cvss 2.8 · epss 0.00

    An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access.

  • CVE-2025-49843 · Low · Jun 17, 2025
    risk 0.11 · cvss · epss 0.01

    conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travis_headers function in the conda-smithy repository creates files with permissions exceeding 0o600, allowing…

  • CVE-2024-5967 · Low · Jun 18, 2024
    risk 0.11 · cvss 2.7 · epss 0.01

    A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP…

  • CVE-2023-29923 · Apr 19, 2023
    risk 0.07 · cvss · epss 0.10

    PowerJob V4.3.1 is vulnerable to Insecure Permissions via the list job interface.

  • CVE-2015-7985 · Nov 24, 2015
    risk 0.03 · cvss · epss 0.01

    Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file.

  • CVE-2026-53870 · Jun 17, 2026
    risk 0.00 · cvss · epss 0.00

    Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644), exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain…

  • CVE-2026-39398 · Apr 9, 2026
    risk 0.00 · cvss · epss

    Rejected reason: The affected product and advisory are not public.

  • CVE-2026-24780 · Jan 29, 2026
    risk 0.00 · cvss · epss 0.01

    AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.44, AutoGPT Platform's block execution endpoints (both main web API and external API) allow…

  • CVE-2026-23634 · Jan 16, 2026
    risk 0.00 · cvss · epss 0.00

    Pepr is a type safe K8s middleware. Prior to 1.0.5, Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting started” experience smooth: new…

  • CVE-2025-55074 · Nov 18, 2025
    risk 0.00 · cvss · epss 0.00

    Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11 fail to enforce access permissions on the Agents plugin, which allows other users to determine when users had read channels via channel member objects.

  • CVE-2025-64436 · Nov 7, 2025
    risk 0.00 · cvss · epss 0.00

    KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissions granted to the virt-handler service account, such as the ability to update VMI and patch nodes, could be abused to force a VMI migration to an attacker-controlled node. This…

  • CVE-2025-59349 · Sep 17, 2025
    risk 0.00 · cvss · epss 0.00

    Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, DragonFly2 uses the os.MkdirAll function to create certain directory paths with specific access permissions. This function does not perform any permission checks when a given…

  • CVE-2024-43166 · Sep 3, 2025
    risk 0.00 · cvss · epss 0.01

    Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue.

  • CVE-2025-52900 · Jun 26, 2025
    risk 0.00 · cvss · epss 0.00

    File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same…

  • CVE-2025-6264 · Jun 20, 2025
    risk 0.00 · cvss · epss 0.01

    Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions…

  • CVE-2025-49842 · Low · Jun 17, 2025
    risk 0.00 · cvss · epss 0.00

    conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. Prior to version 2025.3.24, the conda_forge_webservice Docker container executes commands without specifying a user. By default, Docker containers run as the root user, which increases…

  • CVE-2024-53351 · Mar 21, 2025
    risk 0.00 · cvss · epss 0.00

    Insecure permissions in pipecd v0.49 allow attackers to gain access to the service account's token, leading to escalation of privileges.

  • CVE-2025-27154 · Feb 27, 2025
    risk 0.00 · cvss · epss 0.01

    Spotipy is a lightweight Python library for the Spotify Web API. The `CacheHandler` class creates a cache file to store the auth token. Prior to version 2.25.1, the file created has `rw-r--r--` (644) permissions by default, when it could be locked down to `rw-------` (600)…