CWE-281— Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.— MITRE CWE catalog
337 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-281page 7 of 7
- CVE-2025-27247MEDIUMCVSS 5.5EG 5.52025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
- CVE-2025-27563LOWCVSS 3.3EG 3.32025-06-08
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission.
- CVE-2025-27703MEDIUMCVSS 6.0EG 6.02025-05-28
CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a specific subset of privileged features in the console can eleva…
- CVE-2025-30449HIGHCVSS 7.8EG 7.82025-03-31
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
- CVE-2025-30456HIGHCVSS 7.8EG 7.82025-03-31
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root…
- CVE-2025-31184HIGHCVSS 7.8EG 7.82025-03-31
This issue was addressed with improved permissions checking. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4. An app may gain unauthorized access to Local Network.
- CVE-2025-32696NONECVSS 0.0EG 0.02025-04-10
Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: bef…
- CVE-2025-32697NONECVSS 0.0EG 0.02025-04-10
Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/editpage/IntroMessageBuilder.Php, includes/Permissions/PermissionManager.Php, includes/Permi…
- CVE-2025-34298HIGHCVSS 8.8EG 8.82025-10-30
Nagios Log Server versions prior to 2024R1.3.2 contain a privilege escalation vulnerability in the account email-change workflow. A user could set their own email to an invalid value and, due to insufficient validation and authorization ch…
- CVE-2025-37735HIGHCVSS 7.0EG 7.02025-11-06
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.
- CVE-2025-43026HIGHCVSS 7.8EG 7.82025-06-05
A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write.
- CVE-2025-43697HIGHCVSS 7.5EG 7.52025-06-10
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (DataMapper) allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025
- CVE-2025-43698CRITICALCVSS 9.1EG 9.12025-06-10
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field level security controls for Salesforce objects. This impacts OmniStudio: before Spring 2025
- CVE-2025-43700HIGHCVSS 7.5EG 7.52025-06-10
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025.
- CVE-2025-43701HIGHCVSS 7.5EG 7.52025-06-10
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows exposure of Custom Settings data. This impacts OmniStudio: before version 254.
- CVE-2025-55130CRITICALCVSS 9.1EG 7.12026-01-20
A flaw in Node.js’s Permissions model allows attackers to bypass `--allow-fs-read` and `--allow-fs-write` restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the curren…
- CVE-2025-69875HIGHCVSS 7.8EG 7.82026-02-03
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined file…
- CVE-2025-7346HIGHCVSS 8.7EG 7.52025-07-08
Any unauthenticated attacker can bypass the localhost restrictions posed by the application and utilize this to create arbitrary packages
- CVE-2025-8325MEDIUMCVSS 6.3EG 6.32026-05-11
The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing intended permission checks. This same vulnerability also affects Interna…
- CVE-2025-9615LOWCVSS 3.3EG 3.32026-01-26
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can acce…
- CVE-2026-23556CRITICALCVSS 9.4EG 9.42026-07-09
When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota.
- CVE-2026-24194HIGHCVSS 7.8EG 7.82026-05-26
NVIDIA Display Driver for Linux contains a vulnerability in a kernel mode layer handler, where a user could cause improper permission handling. A successful exploit of this vulnerability might lead to denial of service, escalation of privi…
- CVE-2026-24834HIGHCVSS 8.8EG 8.82026-02-19
Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. In versions prior to 3.27.0, an issue in Kata with Cloud Hypervisor allows a user of the co…
- CVE-2026-25850MEDIUMCVSS 5.5EG 5.52026-05-19
in OpenHarmony v6.0 and prior versions allow a local attacker cause information leak
- CVE-2026-34600MEDIUMCVSS 5.7EG 5.72026-05-19
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients to download notes that are no longer sha…
- CVE-2026-34744MEDIUMCVSS 5.3EG 5.32026-05-19
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access re…
- CVE-2026-35350MEDIUMCVSS 6.6EG 6.62026-04-22
The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p (preserve) flag, the utility applies the source mode bits even if the chown operation is unsucce…
- CVE-2026-35351MEDIUMCVSS 4.2EG 4.22026-04-22
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rathe…
- CVE-2026-35361LOWCVSS 3.4EG 3.42026-04-22
The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::remove_dir, which cannot remove de…
- CVE-2026-35385HIGHCVSS 8.1EG 7.52026-04-02
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).
- CVE-2026-39828MEDIUMCVSS 6.3EG 6.32026-05-22
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeede…
- CVE-2026-39832CRITICALCVSS 9.1EG 9.12026-05-22
When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of t…
- CVE-2026-40767HIGHCVSS 7.5EG 7.52026-06-15
Unauthenticated Broken Access Control in wpForo Forum < 3.0.2 versions.
- CVE-2026-4360MEDIUMCVSS 5.3EG 5.32026-06-30
In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the u…
- CVE-2026-44832HIGHCVSS 8.8EG 8.82026-05-26
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, aAn authenticated user with only users.edit permission can escalate their own privileges to admin by sending a PATCH request to /api/v1/users/{id} with permissions[admin]=1…
- CVE-2026-44947MEDIUMCVSS 6.9EG 6.92026-06-30
A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission (PSA) permissions after an admin…
- CVE-2026-58494MEDIUMCVSS 6.5EG 6.52026-07-08
Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination preopens, allowing a WASI …
Map vulnerabilities like CWE-281 to your infrastructure
EchelonGraph correlates every CVE — across CWE-281 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →