VYPR

CWE-285

Improper Authorization

ClassDraftLikelihood: High

Description

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-104 · CAPEC-127 · CAPEC-13 · CAPEC-17 · CAPEC-39 · CAPEC-402 · CAPEC-45 · CAPEC-5 · CAPEC-51 · CAPEC-59 · CAPEC-60 · CAPEC-647 · CAPEC-668 · CAPEC-76 · CAPEC-77 · CAPEC-87

CVEs mapped to this weakness (812)

page 16 of 41
  • CVE-2026-10284MedJun 1, 2026
    risk 0.35cvss 5.4epss 0.00

    A flaw has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this vulnerability is the function editComment/doDeleteComment of the file app/Filament/Resources/TicketResource/Pages/ViewTicket.php of the component Livewire Handler. Executing a…

  • CVE-2026-45275MedJun 1, 2026
    risk 0.35cvss 6.5epss 0.00

    Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization…

  • CVE-2026-10218MedJun 1, 2026
    risk 0.35cvss 5.4epss 0.00

    A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the…

  • CVE-2026-45345MedMay 15, 2026
    risk 0.35cvss 6.5epss 0.00

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.7, a user can modify another user's model even if its visibility is set to Private. By changing the access permissions during editing, unauthorized access can be…

  • CVE-2026-42202MedMay 8, 2026
    risk 0.35cvss 6.5epss 0.00

    nova-toggle-5 enables fliping booleans in the index. Prior to version 1.3.0, the toggle endpoint (POST/nova-vendor/nova-toggle/toggle/{resource}/{resourceId}) was protected only by web + auth: middleware. Any user authenticated on the configured guard could call the…

  • CVE-2026-7631MedMay 2, 2026
    risk 0.35cvss 5.4epss 0.00

    A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument Username results in improper authorization. The attack can be executed remotely.…

  • CVE-2026-41375MedApr 28, 2026
    risk 0.35cvss 6.5epss 0.00

    OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the /phone arm and /phone disarm endpoints that fails to properly enforce operator.admin scope checks for external channels. Attackers can bypass authentication restrictions to arm or disarm phone…

  • CVE-2026-7145MedApr 27, 2026
    risk 0.35cvss 5.4epss 0.00

    A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invitation Handler. This manipulation of the argument invitation causes authorization…

  • CVE-2026-6585MedApr 20, 2026
    risk 0.35cvss 5.4epss 0.00

    A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update_organisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisation_id…

  • CVE-2026-6584MedApr 20, 2026
    risk 0.35cvss 5.4epss 0.00

    A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function update_user of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument user_id results in authorization bypass.…

  • CVE-2026-6583MedApr 19, 2026
    risk 0.35cvss 5.4epss 0.00

    A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edit_api_key of the file superagi/controllers/api_key.py of the component API Key Management Endpoint. The manipulation leads to authorization bypass. The attack…

  • CVE-2026-34370MedApr 14, 2026
    risk 0.35cvss 6.5epss 0.00

    Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the notebook module contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authenticated student to read the private course notes of any other user on the…

  • CVE-2026-35652MedApr 10, 2026
    risk 0.35cvss 6.5epss 0.00

    OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action handlers. Attackers can bypass sender authorization checks by dispatching callbacks before normal security validation…

  • CVE-2026-35649MedApr 10, 2026
    risk 0.35cvss 6.5epss 0.00

    OpenClaw before 2026.3.22 contains a settings reconciliation vulnerability that allows attackers to bypass intended deny-all revocations by exploiting empty allowlist handling. The vulnerability treats explicit empty allowlists as unset during reconciliation, silently undoing…

  • CVE-2026-40071MedApr 9, 2026
    risk 0.35cvss 5.4epss 0.00

    pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the /json/package_order, /json/link_order, and /json/abort_link WebUI JSON endpoints enforce weaker permissions than the core API methods they invoke. This allows authenticated…

  • CVE-2026-35407MedApr 8, 2026
    risk 0.35cvss 6.5epss 0.00

    Saleor is an e-commerce platform. From 2.10.0 to before 3.23.0a3, 3.22.47, 3.21.54, and 3.20.118, a business-logic and authorization flaw was found in the account email change workflow, the confirmation flow did not verify that the email change confirmation token was issued for…

  • CVE-2026-1710MedMar 31, 2026
    risk 0.35cvss 6.5epss 0.00

    The WooPayments: Integrated WooCommerce Payments plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_upe_appearance_ajax' function in all versions up to, and including, 10.5.1. This makes it possible for…

  • CVE-2026-33954MedMar 27, 2026
    risk 0.35cvss 6.5epss 0.00

    LinkAce is a self-hosted archive to collect website links. In versions prior to 2.5.3, a private note attached to a non-private link can be disclosed to a different authenticated user via the web interface. The API appears to correctly enforce note visibility, but the web link…

  • CVE-2026-30870MedMar 10, 2026
    risk 0.35cvss 6.5epss 0.00

    PowerSync Service is the server-side component of the PowerSync sync engine. In version 1.20.0, when using new sync streams with config.edition: 3, certain subquery filters were ignored when determining which data to sync to users. Depending on the sync stream configuration,…

  • CVE-2026-3761MedMar 8, 2026
    risk 0.35cvss 5.4epss 0.00

    A flaw has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /superadmin_user_delete.php of the component Endpoint. Executing a manipulation of the argument user_id can lead to improper authorization. The…