VYPR

CWE-863

Incorrect Authorization

Abstraction: Class · Status: Incomplete · Likelihood of exploit: High

Description

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

Hierarchy (View 1000)

CVEs mapped to this weakness (1,530)

page 4 of 77
  • CVE-2026-42031 · Critical · May 13, 2026
    risk 0.58 · CVSS 9.8 · EPSS 0.02

    CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability in datastore_search_sql allowed attackers to inject SQL in order to gain access to private resources and PostgreSQL system information. This…

  • CVE-2018-1000805 · High · Oct 8, 2018
    risk 0.58 · CVSS 8.8 · EPSS 0.04

    Paramiko versions 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5 and 1.17.6 contain an Incorrect Access Control vulnerability in the SSH server that can result in RCE. This attack appears to be exploitable via network connectivity.

  • CVE-2018-1057 · High · Mar 13, 2018
    risk 0.58 · CVSS 8.8 · EPSS 0.10

    On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg…

  • CVE-2016-20075 · High · Jun 15, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality. Attackers can upload PHP…

  • CVE-2026-45831 · High · Jun 12, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a user holds a given permission but never checks which tenant, database, or collection that permission applies to, allowing users to perform…

  • CVE-2018-25353 · High · May 23, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accounts can upload executable files by using obfuscated extensions like php71 or…

  • CVE-2026-6406 · High · May 22, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket…

  • CVE-2026-42096 · High · May 19, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability,…

  • CVE-2025-15023 · High · May 14, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Library Automation…

  • CVE-2026-41050 · Critical · May 13, 2026
    risk 0.57 · CVSS 9.9 · EPSS 0.00

    Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`.

  • CVE-2026-2465 · High · May 12, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation. This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026.

  • CVE-2026-42812 · Critical · May 4, 2026
    risk 0.57 · CVSS 9.9 · EPSS 0.00

    In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. `write.metadata.path` is an optional table property that tells Polaris where to write those metadata files. For a table…

  • CVE-2026-25660 · Critical · Apr 24, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication bypass occurs when the URL ends with Authentication with certain function calls.  This bypass allows assigning arbitrary permission to any user…

  • CVE-2026-41329 · Critical · Apr 21, 2026
    risk 0.57 · CVSS 9.9 · EPSS 0.00

    OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve…

  • CVE-2026-35490 · Critical · Apr 7, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is placed before (outer to) @blueprint.route() instead of after it. In Flask, @route() must be the outermost decorator because it registers the…

  • CVE-2026-28808 · Critical · Apr 7, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scripts protected by directory rules when served via script_alias. When script_alias maps a URL prefix to a directory outside DocumentRoot, mod_auth evaluates…

  • CVE-2025-71278 · High · Apr 1, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    XenForo before 2.3.5 allows OAuth2 client applications to request unauthorized scopes. This affects any customer using OAuth2 clients on any version of XenForo 2.3 prior to 2.3.5, potentially allowing client applications to gain access beyond their intended authorization level.

  • CVE-2026-33579 · Critical · Mar 31, 2026
    risk 0.57 · CVSS 9.9 · EPSS 0.01

    OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking…

  • CVE-2026-32924 · Critical · Mar 29, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction events with omitted chat_type are misclassified as p2p conversations instead of group chats. Attackers can exploit this misclassification to bypass groupAllowFrom and requireMention…

  • CVE-2026-4639 · High · Mar 24, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Vitals ESP developed by Galaxy Software Services has an Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.
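
The CVE-2026-45831 (ChromaDB) entry above describes the most common shape of CWE-863: a check that confirms the caller holds a permission but never compares the permission's scope with the resource actually being requested. The following is an added example written for this page; it is not ChromaDB's SimpleRBACAuthorizationProvider, and the Grant and User types, the sample principal ALICE and the two authorize_* functions are constructed for illustration. The flawed check and the scoped check are shown side by side so the difference is visible on the same input.

```python
from dataclasses import dataclass, field
from typing import Callable, List, Optional

# Constructed data model for this example; it is not ChromaDB's.
@dataclass(frozen=True)
class Grant:
    action: str                       # e.g. "collection:read"
    tenant: str                       # scope the grant was issued for
    database: str
    collection: Optional[str] = None  # None = any collection in that database

@dataclass
class User:
    name: str
    grants: List[Grant] = field(default_factory=list)

def authorize_action_only(user: User, action: str, tenant: str,
                          database: str, collection: str) -> bool:
    """Flawed pattern (CWE-863): asks only 'does the user hold this permission
    anywhere?'. The resource coordinates are accepted but never compared, so a
    grant on one tenant satisfies a request against any other tenant."""
    return any(g.action == action for g in user.grants)

def authorize_scoped(user: User, action: str, tenant: str,
                     database: str, collection: str) -> bool:
    """Corrected check: a grant must cover the exact resource requested.
    A grant with collection=None covers every collection of its database only."""
    for g in user.grants:
        if g.action != action:
            continue
        if g.tenant != tenant or g.database != database:
            continue
        if g.collection is not None and g.collection != collection:
            continue
        return True
    return False

# Constructed sample principal: read access on one collection of one tenant.
ALICE = User("alice", [Grant("collection:read", "acme", "prod", "docs")])

def compare(check: Callable[..., bool], tenant: str, database: str,
            collection: str, user: User = ALICE) -> bool:
    """Run one of the two checks for a collection:read request."""
    return check(user, "collection:read", tenant, database, collection)

if __name__ == "__main__":
    for t, d, c in [("acme", "prod", "docs"), ("globex", "prod", "secrets")]:
        print(f"{t}/{d}/{c}: action-only={compare(authorize_action_only, t, d, c)} "
              f"scoped={compare(authorize_scoped, t, d, c)}")
```

Running it shows the action-only check granting alice's read permission against globex/prod/secrets, a tenant she holds nothing on, while the scoped check refuses it and still allows acme/prod/docs. When reviewing an authorization provider, the question to ask is whether every coordinate of the requested resource reaches the comparison, not just whether the permission name does.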
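
The CVE-2026-35490 (changedetection.io) entry above turns on decorator order: when an auth decorator is applied outside @blueprint.route(), route() has already registered the bare view before the auth wrapper exists, so the registered handler is never protected. The example below is added for this page and is not changedetection.io's code; it uses a tiny stand-in Blueprint class instead of Flask so it runs without the dependency, and the names login_required, build, dispatch and outcome are constructed. The stand-in keeps the one property that matters, which Flask's Blueprint.route() shares: it stores the exact function object it is handed and returns it unchanged.

```python
from functools import wraps
from typing import Callable, Dict

class Unauthorized(Exception):
    """Raised by the auth wrapper when no user is logged in."""

class Blueprint:
    """Stand-in for Flask's Blueprint: route() registers the function object it
    receives at decoration time and returns that same object."""
    def __init__(self) -> None:
        self.routes: Dict[str, Callable[[], str]] = {}

    def route(self, path: str):
        def register(view):
            self.routes[path] = view   # whatever is handed in is what gets served
            return view
        return register

def make_login_required(session: dict):
    """Build an auth decorator bound to a session dict (stand-in for Flask's
    request context). Hypothetical name, modelled on the decorator the entry names."""
    def login_required(view):
        @wraps(view)
        def wrapper(*args, **kwargs):
            if not session.get("logged_in"):
                raise Unauthorized(view.__name__)
            return view(*args, **kwargs)
        return wrapper
    return login_required

def build(session: dict):
    login_required = make_login_required(session)
    wrong, right = Blueprint(), Blueprint()

    # Wrong order: decorators apply bottom-up, so route() runs first and
    # registers the bare view. login_required then wraps only the name bound
    # in this scope; the registry never sees the wrapper.
    @login_required
    @wrong.route("/settings")
    def settings_unprotected():
        return "settings"

    # Right order: login_required wraps first, then route() registers the wrapper.
    @right.route("/settings")
    @login_required
    def settings_protected():
        return "settings"

    return wrong, right

def dispatch(bp: Blueprint, path: str) -> str:
    """Simulate the framework invoking the registered handler for a request."""
    try:
        return bp.routes[path]()
    except Unauthorized:
        return "401"

def outcome(logged_in: bool) -> Dict[str, str]:
    """What each ordering serves to a request with the given login state."""
    wrong, right = build({"logged_in": logged_in})
    return {"wrong_order": dispatch(wrong, "/settings"),
            "right_order": dispatch(right, "/settings")}

if __name__ == "__main__":
    print("anonymous:", outcome(False))
    print("logged in:", outcome(True))
```

For an anonymous request the wrongly ordered blueprint serves the page and the correctly ordered one returns 401; for a logged-in request both serve it, which is why the bug is invisible in tests that only exercise authenticated sessions. A cheap regression check is to inspect the registered callables directly: the protected handler carries the __wrapped__ attribute that functools.wraps sets, the bare view does not.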