CWE-276— Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.— MITRE CWE catalog
1,638 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-276page 33 of 33
- CVE-2026-23703HIGHCVSS 7.8EG 7.82026-02-26
The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege.
- CVE-2026-24063HIGHCVSS 8.2EG 8.22026-03-18
When a plugin is installed using the Arturia Software Center (MacOS), it also installs an uninstall.sh bash script in a root owned path. This script is written to disk with the file permissions 777, meaning it is writable by any user. When…
- CVE-2026-24413MEDIUMCVSS 5.5EG 5.52026-01-29
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\icinga2\var` folder on Windows. This res…
- CVE-2026-24414MEDIUMCVSS 5.5EG 5.52026-01-29
The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows `certificat…
- CVE-2026-24780HIGHCVSS 8.8EG 8.82026-01-29
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.44, AutoGPT Platform's block execution endpoints (both mai…
- CVE-2026-25203HIGHCVSS 7.8EG 7.82026-04-10
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1.
- CVE-2026-25931HIGHCVSS 7.8EG 7.82026-02-09
vscode-spell-checker is a basic spell checker that works well with code and documents. Prior to v4.5.4, DocumentSettings._determineIsTrusted treats the configuration value cSpell.trustedWorkspace as the authoritative trust flag. The value …
- CVE-2026-26131HIGHCVSS 7.8EG 7.82026-03-10
Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally.
- CVE-2026-27680MEDIUMCVSS 4.3EG 3.12026-05-14
Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets (CSS) data into a web page served by the application. When a user accesses or clicks …
- CVE-2026-28267MEDIUMCVSS 5.5EG 5.52026-03-10
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user.
- CVE-2026-28727HIGHCVSS 7.8EG 7.82026-03-06
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image …
- CVE-2026-30811MEDIUMCVSS 6.5EG 6.52026-04-13
Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800
- CVE-2026-32680HIGHCVSS 7.8EG 7.82026-03-26
The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative use…
- CVE-2026-32983MEDIUMCVSS 5.8EG 5.82026-03-27
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending exces…
- CVE-2026-33590HIGHCVSS 8.5EG 8.52026-05-28
Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings …
- CVE-2026-36742MEDIUMCVSS 6.8EG 6.82026-05-13
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected (hidden/debug mode).
- CVE-2026-39454HIGHCVSS 7.8EG 7.82026-04-20
SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative user may manipulate and/or place arbitrary files within the installatio…
- CVE-2026-41712HIGHCVSS 7.5EG 7.52026-05-12
Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users.
- CVE-2026-44468HIGHCVSS 7.8EG 7.82026-05-26
The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local p…
- CVE-2026-44469HIGHCVSS 7.8EG 7.82026-05-26
The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time wind…
- CVE-2026-45393CRITICALCVSS 9.8EG 9.82026-05-12
A vulnerability chain in Cribl Edge for Windows before 4.17.1 allows a local authenticated user to escalate privileges to NT AUTHORITY\SYSTEM. Incorrect default permissions on the Windows installer's authentication directory (CWE-276) expo…
- CVE-2026-47107HIGHCVSS 8.1EG 9.62026-05-19
Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to …
- CVE-2026-48190LOWCVSS 3.5EG 3.52026-06-01
An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be anabled and CustomerGroupSupport has t…
- CVE-2026-48191LOWCVSS 3.5EG 3.52026-06-01
An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to the…
- CVE-2026-48725HIGHCVSS 8.1EG 8.12026-06-24
Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp allows terminal output to request access to the local system clipboard. A malicious remote host, remote program, or othe…
- CVE-2026-48935LOWCVSS 3.3EG 3.32026-06-26
A flaw in Node.js Permission API can cause a file metadata to be modified even on a path that was set as read-only with e.g. `--allow-fs-read`. This vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and …
- CVE-2026-49157HIGHCVSS 8.8EG 8.82026-06-01
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin (low-privilege) web-login accounts�…
- CVE-2026-49237HIGHCVSS 7.8EG 7.82026-05-28
An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-locat…
- CVE-2026-50255MEDIUMCVSS 6.7EG 6.72026-06-16
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges.
- CVE-2026-53657HIGHCVSS 8.2EG 8.22026-07-10
Lima launches Linux virtual machines, typically on macOS, for running containerd. Prior to 2.1.3, on an instance of Lima running with the qemu driver, an arbitrary user in the VM could access /run/lima-guestagent.sock when the guest agent …
- CVE-2026-53870MEDIUMCVSS 5.5EG 5.52026-06-17
Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644), exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can rea…
- CVE-2026-56301MEDIUMCVSS 5.5EG 5.52026-06-23
Nuxt 4.0.0 before 4.4.7 and 3.18.0 before 3.21.7, when running the development server (nuxt dev) on Linux, binds the vite-node IPC server to an abstract-namespace Unix socket without permission restrictions, allowing local users to enumera…
- CVE-2026-57895HIGHCVSS 7.8EG 7.82026-07-08
Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege
- CVE-2026-57919HIGHCVSS 7.8EG 7.82026-06-29
PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DACL that grants GENERIC_READ and GENERIC_WRITE permissions to all authenticated users. A low-privileged local attacker c…
- CVE-2026-57924MEDIUMCVSS 5.3EG 4.32026-06-26
In JetBrains YouTrack before 2026.2.16593 default role configuration exposed excessive user profile details
- CVE-2026-6819HIGHCVSS 8.8EG 8.82026-04-21
HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel la…
- CVE-2026-6823HIGHCVSS 8.2EG 8.22026-04-21
HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote senders to pass admission checks. Attackers who can reach …
- CVE-2026-8487MEDIUMCVSS 6.5EG 6.52026-05-20
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
Map vulnerabilities like CWE-276 to your infrastructure
EchelonGraph correlates every CVE — across CWE-276 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →