CWE-285— Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.— MITRE CWE catalog
1,351 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-285page 24 of 28
- CVE-2026-2078MEDIUMCVSS 6.3EG 6.32026-02-07
A vulnerability was detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addPermission/updatePermission/deletePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\con…
- CVE-2026-2079MEDIUMCVSS 6.3EG 6.32026-02-07
A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addMenu/updateMenu/deleteMenu of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\Men…
- CVE-2026-20960HIGHCVSS 8.0EG 8.02026-01-16
Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.
- CVE-2026-2105MEDIUMCVSS 6.3EG 6.32026-02-07
A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\DeptCo…
- CVE-2026-2106MEDIUMCVSS 6.3EG 6.32026-02-07
A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The impacted element is the function addNotice/updateNotice/deleteNotice/batchDeleteNotice of the file dataset\repos\warehouse\src\main\java…
- CVE-2026-2107MEDIUMCVSS 6.3EG 6.32026-02-07
A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\contro…
- CVE-2026-2109MEDIUMCVSS 5.4EG 5.42026-02-07
A vulnerability was identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file /api/undo/ of the component Delete Category Handler. Such manipulation of the argument ID leads to improper authorization. T…
- CVE-2026-2141MEDIUMCVSS 6.3EG 6.32026-02-08
A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Perfo…
- CVE-2026-21641MEDIUMCVSS 6.5EG 7.12026-01-20
HackerOne community member Jad Ghamloush (0xjad) has reported an authorization bypass vulnerability in the `tracker-delete.php` script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers …
- CVE-2026-21724MEDIUMCVSS 5.4EG 5.42026-03-26
A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.prote…
- CVE-2026-22022HIGHCVSS 8.2EG 8.22026-01-21
Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. …
- CVE-2026-22033MEDIUMCVSS 5.4EG 5.42026-01-12
Label Studio is a multi-type data labeling and annotation tool. In 1.22.0 and earlier, a persistent stored cross-site scripting (XSS) vulnerability exists in the custom_hotkeys functionality of the application. An authenticated attacker (o…
- CVE-2026-22042HIGHCVSS 8.8EG 8.82026-01-08
RustFS is a distributed object storage system built in Rust. Prior to version 1.0.0-alpha.79, he `ImportIam` admin API validates permissions using `ExportIAMAction` instead of `ImportIAMAction`, allowing a principal with export-only IAM pe…
- CVE-2026-2209MEDIUMCVSS 6.3EG 6.32026-02-08
A vulnerability was detected in WeKan up to 8.18. The affected element is the function setCreateTranslation of the file client/components/settings/translationBody.js of the component Custom Translation Handler. The manipulation results in …
- CVE-2026-22252CRITICALCVSS 9.1EG 9.12026-01-12
LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbitrary commands without validation, allowing any authenticated user to execute shell commands as root inside the contain…
- CVE-2026-2294MEDIUMCVSS 4.3EG 4.32026-03-21
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'uip_save_global_settings' function in all versions up…
- CVE-2026-23623MEDIUMCVSS 5.3EG 5.32026-02-06
Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.20.1, 24.04.17.3, and 25.04.7.5, a user …
- CVE-2026-24305CRITICALCVSS 9.3EG 9.32026-01-22
Azure Entra ID Elevation of Privilege Vulnerability
- CVE-2026-24835HIGHCVSS 7.1EG 7.12026-01-28
Podman Desktop is a graphical tool for developing on containers and Kubernetes. A critical authentication bypass vulnerability in Podman Desktop prior to version 1.25.1 allows any extension to completely circumvent permission checks and ga…
- CVE-2026-25724HIGHCVSS 7.5EG 7.52026-02-06
Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a f…
- CVE-2026-25809CRITICALCVSS 9.8EG 9.82026-02-09
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not validate the assessment lifecycle state before allowing execution. There is no check to ensure that the…
- CVE-2026-25885HIGHCVSS 7.5EG 7.52026-02-09
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-16 and earlier, the group chat WebSocket at wss://polarlearn.nl/api/v1/ws can be used without logging in. An unauthenticated client can subscribe to any group chat by p…
- CVE-2026-25893CRITICALCVSS 9.8EG 9.82026-02-09
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA allows an unauthenticated, remote attacker to gain administrative access via the heartbeat refresh AP…
- CVE-2026-25999HIGHCVSS 7.1EG 7.12026-02-11
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By se…
- CVE-2026-26020HIGHCVSS 8.8EG 8.82026-02-12
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.48, an authenticated user could achieve Remote Code Execution (RCE) on the backen…
- CVE-2026-2694MEDIUMCVSS 5.4EG 5.42026-02-25
The The Events Calendar plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to an improper capability check on the 'can_edit' and 'can_delete' function in all versions up to, and including, 6.15.16.…
- CVE-2026-2733LOWCVSS 3.8EG 3.82026-02-19
A flaw was identified in the Docker v2 authentication endpoint of Keycloak, where tokens continue to be issued even after a Docker registry client has been administratively disabled. This means that turning the client “Enabled” setting…
- CVE-2026-27912HIGHCVSS 8.0EG 8.02026-04-14
Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
- CVE-2026-28806HIGHCVSS 8.8EG 8.82026-03-10
Improper Authorization vulnerability in nerves-hub nerves_hub_web allows cross-organization device control via device bulk actions and device update API. Missing authorization checks in the device bulk actions and device update API endpoi…
- CVE-2026-2892HIGHCVSS 7.5EG 7.52026-04-30
The Otter Blocks plugin for WordPress is vulnerable to Purchase Verification Bypass in all versions up to, and including, 3.1.4. This is due to the 'get_customer_data' method relying on an unsigned 'o_stripe_data' cookie to determine Strip…
- CVE-2026-2974LOWCVSS 2.5EG 2.52026-02-23
A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file shared_prefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/ref…
- CVE-2026-30495HIGHCVSS 8.8EG 8.82026-05-07
The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes Android Debug Bridge (ADB) on TCP port 5555 over the network without requiring authentication. The device is configured with ro.adb.secure=0, which disa…
- CVE-2026-30496CRITICALCVSS 9.8EG 9.82026-05-07
The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports both reading configuration (74 endpoints) a…
- CVE-2026-32213CRITICALCVSS 10.0EG 10.02026-04-03
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-32252HIGHCVSS 7.7EG 7.72026-04-10
Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.9.0, a cross-tenant authorization bypass exists in Chartbrew in GET /team/:team_id/template/generate/…
- CVE-2026-3237MEDIUMCVSS 4.3EG 4.32026-03-17
In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It …
- CVE-2026-3269MEDIUMCVSS 4.3EG 4.32026-02-27
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Sess…
- CVE-2026-33105CRITICALCVSS 10.0EG 10.02026-04-03
Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-33146MEDIUMCVSS 4.3EG 4.32026-04-14
Docmost is open-source collaborative wiki and documentation software. An authorization bypass vulnerability in versions 0.70.0 through 0.70.2 exposes restricted child page titles and text snippets through the public search endpoint (`POST …
- CVE-2026-33186CRITICALCVSS 9.1EG 9.12026-03-20
gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic,…
- CVE-2026-33398HIGHCVSS 7.1EG 7.12026-06-02
NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/pages/forum/get_quotes.php` only checks whether the caller is logged in, then reads a post by attacker-controlled `post` ID and returns its content. The…
- CVE-2026-33823CRITICALCVSS 9.6EG 9.62026-05-07
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.
- CVE-2026-33950CRITICALCVSS 9.4EG 9.42026-04-02
Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0-beta.4, there is a privilege escalation vulnerability by Admin Role Injection via /enableSecurity. An unauthenticated attacker can gain f…
- CVE-2026-34048CRITICALCVSS 9.9EG 9.92026-07-07
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing …
- CVE-2026-34222HIGHCVSS 7.7EG 7.72026-04-01
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.11, there is a broken access control vulnerability in tool values. This issue has been patched in version 0.8.11.
- CVE-2026-34315MEDIUMCVSS 6.5EG 6.52026-04-21
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allow…
- CVE-2026-34320HIGHCVSS 7.5EG 7.52026-04-21
Vulnerability in the Oracle Financial Services Customer Screening product of Oracle Financial Services Applications (component: User Interface). The supported version that is affected is 8.1.2.8.0. Easily exploitable vulnerability allows…
- CVE-2026-34321MEDIUMCVSS 4.8EG 4.82026-04-21
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. D…
- CVE-2026-34370MEDIUMCVSS 6.5EG 6.52026-04-14
Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the notebook module contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authenticated student to read the private cour…
- CVE-2026-34656MEDIUMCVSS 4.3EG 4.32026-05-12
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vu…
Map vulnerabilities like CWE-285 to your infrastructure
EchelonGraph correlates every CVE — across CWE-285 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →