CWE-266— Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.— MITRE CWE catalog
988 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-266page 19 of 20
- CVE-2026-47169HIGHCVSS 7.5EG 7.52026-06-11
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a user with Manage Server / ManageGuild, but without Manage Roles or Administrator, can configure the bot’s AutoRole featu…
- CVE-2026-48172CRITICALCVSS 10.0EG 10.0⚠ KEV2026-05-21
LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr…
- CVE-2026-4824HIGHCVSS 7.0EG 7.02026-03-25
A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege manageme…
- CVE-2026-48879CRITICALCVSS 9.8EG 9.82026-06-01
Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a through 1.4.17.
- CVE-2026-48889HIGHCVSS 8.8EG 8.82026-06-15
Subscriber Privilege Escalation in Amelia <= 2.3 versions.
- CVE-2026-49058CRITICALCVSS 9.8EG 9.82026-06-17
Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions.
- CVE-2026-49060CRITICALCVSS 9.8EG 9.82026-06-11
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4.
- CVE-2026-49063HIGHCVSS 7.3EG 7.32026-06-15
Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.
- CVE-2026-49083HIGHCVSS 7.5EG 7.52026-06-15
Contributor Privilege Escalation in LatePoint <= 5.5.1 versions.
- CVE-2026-49111HIGHCVSS 8.8EG 8.82026-06-15
Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n/a through 2.2.0.
- CVE-2026-49413HIGHCVSS 7.1EG 7.12026-06-27
The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the P_SUGID process flag. During execve(2), this flag is not yet set at the point where the auxiliary vector is constructed, so AT_SECURE was incorrec…
- CVE-2026-49780HIGHCVSS 8.8EG 8.82026-06-15
Customer Privilege Escalation in Dokan <= 5.0.2 versions.
- CVE-2026-4990HIGHCVSS 7.3EG 7.32026-03-27
A security vulnerability has been detected in chatwoot up to 4.11.1. The affected element is an unknown function of the file /app/login of the component Signup Endpoint. Such manipulation of the argument signupEnabled with the input true l…
- CVE-2026-5107MEDIUMCVSS 4.2EG 4.22026-03-30
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The att…
- CVE-2026-5122LOWCVSS 3.7EG 3.72026-03-30
A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP OPEN Message Handler. Performing a manipulation of the argument domainNameLen r…
- CVE-2026-5124LOWCVSS 3.7EG 3.72026-03-30
A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access contr…
- CVE-2026-5136HIGHCVSS 8.8EG 8.82026-07-01
A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary rol…
- CVE-2026-5141HIGHCVSS 8.8EG 8.82026-04-29
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking a privileged process. This issue affec…
- CVE-2026-5215MEDIUMCVSS 4.3EG 4.32026-03-31
A vulnerability was identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-155…
- CVE-2026-5311MEDIUMCVSS 5.3EG 5.32026-04-01
A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DN…
- CVE-2026-5312MEDIUMCVSS 5.3EG 5.32026-04-01
A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-155…
- CVE-2026-5330MEDIUMCVSS 6.5EG 6.52026-04-02
A vulnerability was found in SourceCodester/mayuri_k Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete_user of the component User Delete Handler. Performing a manip…
- CVE-2026-53814HIGHCVSS 8.3EG 8.32026-06-11
OpenClaw before 2026.5.20 contains a privilege escalation vulnerability where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of hook-appropriate scope. Attackers with a valid hook token can exploi…
- CVE-2026-53847MEDIUMCVSS 5.4EG 5.42026-06-16
OpenClaw before 2026.5.6 contains a privilege escalation vulnerability in the Active Memory write scope that allows Gateway operators with operator.write access to modify global configuration without requiring operator.admin privileges. At…
- CVE-2026-53862MEDIUMCVSS 5.4EG 4.22026-06-16
OpenClaw before 2026.5.12 contains a bootstrap token replay vulnerability allowing callers with pending token access to reuse tokens with broader requested scopes. Attackers can replay bootstrap tokens before approval to escalate pairing a…
- CVE-2026-53902MEDIUMCVSS 6.5EG 6.52026-07-01
MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endpoint. An authenticated user can modify their group membership without proper authorization checks, allowing privil…
- CVE-2026-54196MEDIUMCVSS 6.8EG 6.82026-06-17
Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions.
- CVE-2026-54805HIGHCVSS 8.8EG 8.82026-06-17
Subscriber Privilege Escalation in Falang multilanguage <= 1.4.2 versions.
- CVE-2026-54807CRITICALCVSS 9.8EG 9.82026-06-17
Unauthenticated Privilege Escalation in Registration Form for WooCommerce <= 1.0.9 versions.
- CVE-2026-5484MEDIUMCVSS 5.3EG 5.32026-04-03
A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument …
- CVE-2026-5526HIGHCVSS 7.3EG 7.32026-04-04
A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attac…
- CVE-2026-5529MEDIUMCVSS 4.3EG 4.32026-04-05
A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipulation results in improper authorization.…
- CVE-2026-5569HIGHCVSS 7.3EG 7.32026-04-05
A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown function of the file /Technostrobe/ of the component Endpoint. The manipulation results in improper access controls. The attack may be perfor…
- CVE-2026-56008HIGHCVSS 8.8EG 8.82026-06-26
Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
- CVE-2026-56010HIGHCVSS 8.8EG 8.82026-06-26
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
- CVE-2026-56028CRITICALCVSS 9.8EG 9.82026-06-26
Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <= 1.4.9 versions.
- CVE-2026-56030CRITICALCVSS 9.8EG 9.82026-06-26
Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
- CVE-2026-56033CRITICALCVSS 9.8EG 9.82026-06-26
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
- CVE-2026-56247HIGHCVSS 8.8EG 8.82026-07-01
Capgo before 12.128.2 allows org admins to assign org-scoped RBAC roles at app scope without validating role scope compatibility, including to pending invitees. Attackers can pre-seed malformed high-privilege bindings that survive invite a…
- CVE-2026-56251MEDIUMCVSS 6.5EG 6.52026-06-21
Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users to elevate privileges from admin to super_admin. Attackers can exploit the insufficient RLS enforcement to gain unauth…
- CVE-2026-5642HIGHCVSS 7.3EG 7.32026-04-06
A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulati…
- CVE-2026-57501NONECVSS 0.0EG 0.02026-07-09
Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's …
- CVE-2026-57692CRITICALCVSS 9.8EG 9.82026-07-01
Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2.
- CVE-2026-59093HIGHCVSS 8.8EG 8.82026-07-02
Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by the assigned role. The assignRoleToUser and assignRoleToGroup handlers (POST /authz/users/{id}/assign and /authz/gr…
- CVE-2026-5999MEDIUMCVSS 6.3EG 6.32026-04-10
A vulnerability has been found in JeecgBoot up to 3.9.1. This impacts an unknown function of the component SysAnnouncementController. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit has b…
- CVE-2026-6105HIGHCVSS 7.3EG 7.32026-04-11
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation l…
- CVE-2026-6201MEDIUMCVSS 5.4EG 5.42026-04-13
A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manipulation of the argument ID leads to impr…
- CVE-2026-6564MEDIUMCVSS 4.3EG 4.32026-04-19
A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It is possible to launch the attack remotely. …
- CVE-2026-6572MEDIUMCVSS 5.6EG 5.62026-04-19
A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the …
- CVE-2026-6609MEDIUMCVSS 6.3EG 6.32026-04-20
A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file oauth/views.py. This manipulation of the argument oauthid causes improper authorization. The attack may be initiate…
Map vulnerabilities like CWE-266 to your infrastructure
EchelonGraph correlates every CVE — across CWE-266 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →