VYPR

CWE-863

Incorrect Authorization

Abstraction: Class | Status: Incomplete | Likelihood: High

Description

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Hierarchy (View 1000)

CVEs mapped to this weakness (1,530)

page 21 of 77
  • CVE-2026-32991 | High | May 13, 2026
    risk 0.46 | cvss 7.1 | epss 0.00

    Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account.

  • CVE-2026-43913 | High | May 11, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from…

  • CVE-2026-42296 | High | May 9, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14 and 4.0.5, a user with create Workflow permission can bypass templateReferencing: Strict to get host network access, switch service accounts,…

  • CVE-2026-39852 | High | May 5, 2026
    risk 0.46 | cvss 8.2 | epss 0.00

    Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the security layer and the routing layer allows unauthenticated or lower-privileged…

  • CVE-2026-42431 | High | Apr 28, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guard and modify browser…

  • CVE-2026-23902 | High | Apr 24, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users…

  • CVE-2026-40599 | High | Apr 21, 2026
    risk 0.46 | cvss 7.1 | epss 0.00

    ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to…

  • CVE-2026-33031 | High | Apr 20, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that…

  • CVE-2026-35653 | High | Apr 10, 2026
    risk 0.46 | cvss 8.1 | epss 0.01

    OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile…

  • CVE-2026-35645 | High | Apr 9, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSession function that uses a synthetic operator.admin runtime scope. Attackers can exploit this by triggering session deletion without a request-scoped client to…

  • CVE-2026-34512 | High | Apr 9, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    OpenClaw before 2026.3.25 contains an improper access control vulnerability in the HTTP /sessions/:sessionKey/kill route that allows any bearer-authenticated user to invoke admin-level session termination functions without proper scope validation. Attackers can exploit this by…

  • CVE-2026-39331 | High | Apr 7, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    ChurchCRM is an open-source church management system. Prior to 7.1.0, an authenticated API user can modify any family record's state without proper authorization by simply changing the {familyId} parameter in requests, regardless of whether they possess the required EditRecords…

  • CVE-2026-35604 | High | Apr 7, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, when an admin revokes a user's Share and Download permissions, existing share links created by that user remain fully…

  • CVE-2026-35442 | High | Apr 6, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, aggregate functions (min, max) applied to fields with the conceal special type incorrectly return raw database values instead of the masked placeholder. When combined with groupBy,…

  • CVE-2026-32726 | High | Mar 31, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    SciTokens C++ is a minimal library for creating and using SciTokens from C or C++. Prior to version 1.4.1, scitokens-cpp is vulnerable to an authorization bypass in path-based scope validation. The enforcer used a simple string-prefix comparison when checking whether a requested…

  • CVE-2026-33577 | High | Mar 31, 2026
    risk 0.46 | cvss 8.1 | epss 0.00

    OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend…

  • CVE-2026-25741 | High | Feb 26, 2026
    risk 0.46 | cvss 7.1 | epss 0.00

    Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpoint for creating a card update session during an upgrade flow was accessible to users with only organization member privileges. When the associated Stripe…

  • CVE-2025-68476 | High | Dec 22, 2025
    risk 0.46 | cvss (none listed) | epss 0.00

    KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault…

  • CVE-2025-58052 | High | Dec 19, 2025
    risk 0.46 | cvss 8.1 | epss 0.00

    Galette is a membership management web application for non profit organizations. Starting in version 0.9.6 and prior to version 1.2.0, attackers with group manager role can bypass intended restrictions allowing unauthorized access and changes despite role-based controls. Since…

  • CVE-2025-61830 | High | Nov 11, 2025
    risk 0.46 | cvss 7.1 | epss 0.00

    Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a…