CWE-863
Incorrect Authorization
Description
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,530)
page 19 of 77| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45108 | Hig | 0.48 | 8.4 | 0.00 | May 27, 2026 | Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant (DAG) flow that allowed a user within the same Entra ID domain to… | ||
| CVE-2026-40213 | — | Hig | 0.48 | 7.4 | 0.00 | May 7, 2026 | OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role… | |
| CVE-2026-41371 | Hig | 0.48 | 8.5 | 0.00 | Apr 28, 2026 | OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without… | ||
| CVE-2026-32918 | Hig | 0.48 | 8.4 | 0.00 | Mar 29, 2026 | OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool that allows sandboxed subagents to access parent or sibling session state. Attackers can supply arbitrary sessionKey values to read or modify session data outside their sandbox… | ||
| CVE-2023-6400 | Hig | 0.48 | 7.4 | 0.00 | Mar 27, 2024 | Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and 23.4. | ||
| CVE-2020-36714 | Hig | 0.48 | 7.4 | 0.00 | Oct 20, 2023 | The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect capability check on the is_administrator() function in versions up to, and including, 1.0.125. This makes it possible for authenticated attackers to access and interact with available AJAX… | ||
| CVE-2021-3563 | Hig | 0.48 | 7.4 | 0.01 | Aug 26, 2022 | A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and… | ||
| CVE-2021-36778 | Hig | 0.48 | 7.3 | 0.01 | May 2, 2022 | A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3. | ||
| CVE-2026-53853 | Hig | 0.47 | 8.3 | 0.00 | Jun 16, 2026 | OpenClaw before 2026.5.12 contains an argument pattern validation bypass in the exec allowlist that allows attackers to execute disallowed arguments for allowlisted executables on Linux and macOS systems. Attackers can bypass configured argPattern restrictions by directly… | ||
| CVE-2026-11577 | Hig | 0.47 | 7.2 | 0.00 | Jun 8, 2026 | A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This allows them to bypass Fine-Grained Admin Permissions (FGAP) and escalate their privileges to a full realm… | ||
| CVE-2026-9350 | Hig | 0.47 | 7.3 | 0.00 | May 24, 2026 | A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The… | ||
| CVE-2025-10908 | — | Hig | 0.47 | 7.3 | 0.00 | May 11, 2026 | Due to a lack of user account state validation during authentication, locked user accounts can be successfully authenticated using Magic Link or Pass Key methods. This bypasses the intended security control that should prevent access to accounts that have been locked. This… | |
| CVE-2026-0562 | Hig | 0.47 | 8.3 | 0.00 | Mar 29, 2026 | A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The `respond_request()` function in `backend/routers/friends.py` does not implement proper authorization checks,… | ||
| CVE-2026-1497 | — | Hig | 0.47 | 7.2 | 0.00 | Mar 11, 2026 | Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.22 can lead to the following scenario: an admin that intends to give a user an access to a remote database constituent "namespace.name" will inadvertently… | |
| CVE-2026-23572 | Hig | 0.47 | 7.2 | 0.00 | Feb 5, 2026 | Improper access control in the TeamViewer Full and Host clients (Windows, macOS, Linux) prior version 15.74.5 allows an authenticated user to bypass additional access controls with “Allow after confirmation” configuration in a remote… | ||
| CVE-2025-13806 | Hig | 0.47 | 7.3 | 0.00 | Dec 1, 2025 | A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction… | ||
| CVE-2025-13063 | Hig | 0.47 | 7.3 | 0.00 | Nov 12, 2025 | A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The attack may be performed from remote. The exploit has been published and may be used. Multiple endpoints are affected. | ||
| CVE-2025-8435 | Hig | 0.47 | 7.3 | 0.00 | Aug 1, 2025 | A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-control.php. The manipulation of the argument ID leads to missing authorization. The attack can… | ||
| CVE-2025-8434 | Hig | 0.47 | 7.3 | 0.00 | Aug 1, 2025 | A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely.… | ||
| CVE-2025-3260 | Hig | 0.47 | 8.3 | 0.00 | Jun 2, 2025 | A security vulnerability in the /apis/dashboard.grafana.app/* endpoints allows authenticated users to bypass dashboard and folder permissions. The vulnerability affects all API versions (v0alpha1, v1alpha1, v2alpha1). Impact: - Viewers can view all dashboards/folders… |
- risk 0.48cvss 8.4epss 0.00
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant (DAG) flow that allowed a user within the same Entra ID domain to…
- risk 0.48cvss 7.4epss 0.00
OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role…
- risk 0.48cvss 8.5epss 0.00
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without…
- risk 0.48cvss 8.4epss 0.00
OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool that allows sandboxed subagents to access parent or sibling session state. Attackers can supply arbitrary sessionKey values to read or modify session data outside their sandbox…
- risk 0.48cvss 7.4epss 0.00
Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and 23.4.
- risk 0.48cvss 7.4epss 0.00
The Brizy plugin for WordPress is vulnerable to authorization bypass due to a incorrect capability check on the is_administrator() function in versions up to, and including, 1.0.125. This makes it possible for authenticated attackers to access and interact with available AJAX…
- risk 0.48cvss 7.4epss 0.01
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and…
- risk 0.48cvss 7.3epss 0.01
A Incorrect Authorization vulnerability in SUSE Rancher allows administrators of third-party repositories to gather credentials that are sent to their servers. This issue affects: SUSE Rancher Rancher versions prior to 2.5.12; Rancher versions prior to 2.6.3.
- risk 0.47cvss 8.3epss 0.00
OpenClaw before 2026.5.12 contains an argument pattern validation bypass in the exec allowlist that allows attackers to execute disallowed arguments for allowlisted executables on Linux and macOS systems. Attackers can bypass configured argPattern restrictions by directly…
- risk 0.47cvss 7.2epss 0.00
A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This allows them to bypass Fine-Grained Admin Permissions (FGAP) and escalate their privileges to a full realm…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The…
- risk 0.47cvss 7.3epss 0.00
Due to a lack of user account state validation during authentication, locked user accounts can be successfully authenticated using Magic Link or Pass Key methods. This bypasses the intended security control that should prevent access to accounts that have been locked. This…
- risk 0.47cvss 8.3epss 0.00
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or reject friend requests belonging to other users. The `respond_request()` function in `backend/routers/friends.py` does not implement proper authorization checks,…
- risk 0.47cvss 7.2epss 0.00
Incorrect resolving of namespaces in composite databases in Neo4j Enterprise edition prior to versions 2026.02 and 5.26.22 can lead to the following scenario: an admin that intends to give a user an access to a remote database constituent "namespace.name" will inadvertently…
- risk 0.47cvss 7.2epss 0.00
Improper access control in the TeamViewer Full and Host clients (Windows, macOS, Linux) prior version 15.74.5 allows an authenticated user to bypass additional access controls with “Allow after confirmation” configuration in a remote…
- risk 0.47cvss 7.3epss 0.00
A security vulnerability has been detected in nutzam NutzBoot up to 2.6.0-SNAPSHOT. This impacts an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Transaction…
- risk 0.47cvss 7.3epss 0.00
A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The attack may be performed from remote. The exploit has been published and may be used. Multiple endpoints are affected.
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-control.php. The manipulation of the argument ID leads to missing authorization. The attack can…
- risk 0.47cvss 7.3epss 0.00
A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely.…
- risk 0.47cvss 8.3epss 0.00
A security vulnerability in the /apis/dashboard.grafana.app/* endpoints allows authenticated users to bypass dashboard and folder permissions. The vulnerability affects all API versions (v0alpha1, v1alpha1, v2alpha1). Impact: - Viewers can view all dashboards/folders…