CWE-863— Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.— MITRE CWE catalog
3,830 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-863page 76 of 77
- CVE-2026-55873MEDIUMCVSS 4.3EG 4.32026-07-08
SeaweedFS is a distributed storage system. In versions 4.08 through 4.33, requests signed with SigV4 service s3tables are routed to the S3Tables management API where authorization collapses account-less S3 identities into the shared admin …
- CVE-2026-56074MEDIUMCVSS 5.5EG 5.52026-06-18
PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a be…
- CVE-2026-56075HIGHCVSS 8.8EG 8.82026-06-18
PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_mode to auto, overriding administrator configuration from PRAISON_APPROVAL_MODE environment variable. Authenticated…
- CVE-2026-56086HIGHCVSS 8.8EG 8.82026-07-08
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Incorrect Autho…
- CVE-2026-56152MEDIUMCVSS 5.3EG 5.32026-07-01
Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can a…
- CVE-2026-56220MEDIUMCVSS 6.5EG 6.52026-07-08
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entr…
- CVE-2026-56232HIGHCVSS 8.8EG 8.82026-06-24
Capgo before 12.128.2 fails to enforce limited_to_orgs and limited_to_apps constraints on subkeys provided via x-limited-key-id header in middlewareKey function. Attackers can bypass subkey scope restrictions by referencing their own subke…
- CVE-2026-56252MEDIUMCVSS 5.4EG 5.42026-07-12
Capgo before 12.128.2 contains a scope isolation vulnerability in the POST /webhooks/test endpoint that allows app-scoped API keys to invoke org-scoped webhook operations. Attackers with app-scoped credentials can trigger signed outbound w…
- CVE-2026-56268HIGHCVSS 7.7EG 7.72026-05-20
Flowise before 3.1.2 contains an information disclosure vulnerability in the /api/v1/chatflows/apikey/:apikey endpoint. When the keyonly query parameter is omitted (the default), the endpoint returns not only the chatflows bound to the sup…
- CVE-2026-56424HIGHCVSS 8.8EG 8.82026-06-22
MISP core contained multiple broken access-control flaws where authorization checks were performed against the wrong entity, or where ownership/editability checks were missing on write paths. In affected subsystems, a lower-privileged auth…
- CVE-2026-56694MEDIUMCVSS 5.4EG 5.42026-06-23
NanoClaw before 2.1.0 contains a privilege escalation vulnerability in the channel-registration approval flow where handleChannelApprovalResponse fails to validate admin privileges over target agent groups. Scoped admins can submit forged …
- CVE-2026-56775MEDIUMCVSS 5.4EG 5.42026-07-08
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:…
- CVE-2026-56776HIGHCVSS 7.4EG 7.42026-07-08
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/{workflowId}/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user w…
- CVE-2026-56778MEDIUMCVSS 6.4EG 6.42026-07-08
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only…
- CVE-2026-56842HIGHCVSS 7.5EG 7.52026-07-02
A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access ha…
- CVE-2026-5712HIGHCVSS 8.0EG 8.02026-04-29
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editin…
- CVE-2026-57215HIGHCVSS 8.8EG 8.82026-07-10
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.20, 4.1.11, and 4.2.6, RabbitMQ allows foreign bindings to amq.rabbitmq.reply-to destinations because volatile direct-reply-to queues can be accepted at bind and route tim…
- CVE-2026-57217MEDIUMCVSS 6.5EG 6.52026-07-10
RabbitMQ is a messaging and streaming broker. Prior to 3.13.15, 4.0.21, 4.1.11, and 4.2.6, RabbitMQ topic authorization can allow restricted topic writes and binds during metadata-store failures because topic-permission lookup errors from …
- CVE-2026-57218MEDIUMCVSS 6.5EG 6.52026-07-10
RabbitMQ is a messaging and streaming broker. Prior to 4.2.6, RabbitMQ AMQP 0-9-1 allows an existing consumer to keep receiving messages after OAuth token expiry or connection.update_secret refresh to reduced scopes because existing consum…
- CVE-2026-57950HIGHCVSS 8.1EG 8.12026-06-29
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderController that allows attackers with erp:sale-out permissions to gain unauthorized access to sale order operations by exp…
- CVE-2026-57951MEDIUMCVSS 6.5EG 6.52026-06-29
Mythic before 3.4.0.60 contains a broken hasura permission filter on the payload_build_step table with an always-satisfied _or condition that bypasses operation-scoped access controls. Authenticated operators and spectators can query paylo…
- CVE-2026-57953MEDIUMCVSS 5.4EG 5.42026-06-29
Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform unauthorized write operations by accessing the eventing_import_automatic_webhook endpoint registered under spec…
- CVE-2026-5796MEDIUMCVSS 4.3EG 4.32026-06-25
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with Reporter-level group per…
- CVE-2026-58056HIGHCVSS 7.6EG 7.62026-06-28
RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a valid FileTransfer authorization can in…
- CVE-2026-58209MEDIUMCVSS 4.3EG 4.32026-07-08
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver messages whose original topics matched a s…
- CVE-2026-58211MEDIUMCVSS 5.4EG 5.42026-07-08
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured no_auth_user through a parser path used when the first client ope…
- CVE-2026-58214MEDIUMCVSS 4.3EG 4.32026-07-08
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an authenticated MQTT client could subscribe to the internal $MQTT.deliver.pubrel subject family, bypassing conf…
- CVE-2026-58254MEDIUMCVSS 6.5EG 6.52026-07-08
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.8, message trace destination checks were applied to ordinary client connections but not consistently to messages arr…
- CVE-2026-58408MEDIUMCVSS 6.5EG 6.52026-07-13
ChurchCRM is an open-source church management system. Prior to version 7.4.0, a low-privileged user can bypass the /admin/export UI and exfiltrate the entire member directory. The POST /CSVCreateFile.php endpoint generates and streams a CS…
- CVE-2026-58424HIGHCVSS 8.9EG 8.92026-07-03
Permanent Fork PR Workflow Approval Gate Bypass
- CVE-2026-58494MEDIUMCVSS 6.5EG 6.52026-07-08
Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination preopens, allowing a WASI …
- CVE-2026-59154MEDIUMCVSS 4.3EG 4.32026-07-10
Wekan is open source kanban built with Meteor. Prior to 9.64, Wekan has a cross-board authorization bypass in the direct Meteor collection allow rules for Checklists and ChecklistItems because updates are authorized only against the curren…
- CVE-2026-59212MEDIUMCVSS 5.4EG 5.42026-07-09
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, _verify_knowledge_file_access only checked read access while file write and delete routes later trusted object-derived access t…
- CVE-2026-59217MEDIUMCVSS 4.3EG 4.32026-07-09
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledge_id and auto-linked uploaded files to a target knowledge base without applying the write…
- CVE-2026-59226MEDIUMCVSS 4.3EG 4.32026-07-09
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0, execute_automation rehydrated automation owners without rechecking that they were still active or still had features.automation…
- CVE-2026-59227MEDIUMCVSS 5.4EG 5.42026-07-09
Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user ima…
- CVE-2026-5952MEDIUMCVSS 4.3EG 4.32026-06-25
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.11 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with developer-role permissi…
- CVE-2026-59889MEDIUMCVSS 6.5EG 6.52026-07-14
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.18.0 until 2.18.9, 2.21.5, 2.22.1, 3.1.5, and 3.2.1, UnwrappedPropertyHandler.processUnwrapped() replays buffered JS…
- CVE-2026-60125MEDIUMCVSS 5.3EG 5.32026-07-08
MISP’s importModule() path used getEnabledModule() to resolve a single import module by name, but this lookup did not enforce the per-organisation module restriction checked by getEnabledModules(). As a result, an authenticated user from…
- CVE-2026-61474MEDIUMCVSS 5.3EG 5.32026-07-09
An improper authorization check in MISP’s attribute creation endpoint allowed an authenticated user with permission to add attributes to submit a sharing_group_id without triggering the corresponding sharing group authorization check, as…
- CVE-2026-61874LOWCVSS 3.1EG 3.12026-07-12
filebrowser versions before 2.63.17 fail to normalize paths before querying the share index in DeleteWithPathPrefix, allowing authenticated users to leave stale public shares behind. Attackers can delete a shared directory using a trailing…
- CVE-2026-62147MEDIUMCVSS 6.5EG 6.52026-07-13
The Tempo Operator's gateway component failed to consistently apply namespace-scoped redaction on some query API response paths when query RBAC was enabled, allowing an authenticated user to read span attributes belonging to other tenants'…
- CVE-2026-62186HIGHCVSS 7.6EG 7.62026-07-13
OpenClaw versions before 2026.6.8 contain an authorization bypass vulnerability in OpenAI-compatible HTTP model overrides that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit mis…
- CVE-2026-62187HIGHCVSS 8.1EG 8.12026-07-13
OpenClaw Feishu tools (npm package @openclaw/feishu) in versions <= 2026.6.6 could ignore per-account disablement. A lower-trust caller or a configured input path could perform actions that should have required a stronger authorization or …
- CVE-2026-62188HIGHCVSS 8.1EG 8.12026-07-13
OpenClaw @openclaw/feishu versions 2026.6.6 and earlier contain an incorrect authorization vulnerability in which the Feishu permission tools could ignore per-account disablement settings. When the affected feature is enabled and reachable…
- CVE-2026-62190HIGHCVSS 8.8EG 8.82026-07-13
OpenClaw versions before 2026.6.9 contain an authorization bypass vulnerability in the flock wrapper that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can leverage configured input…
- CVE-2026-62191HIGHCVSS 7.1EG 7.12026-07-13
OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in message mutation handling that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconf…
- CVE-2026-62192HIGHCVSS 8.1EG 8.12026-07-13
OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in Discord guild actions that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can exploit misconfigur…
- CVE-2026-62193MEDIUMCVSS 6.5EG 4.92026-07-13
OpenClaw versions 2026.6.5 before 2026.6.9 contain a vulnerability in the plugin install wrappers that could skip the install policy (authorization) check. When the affected feature is enabled and reachable, a lower-trust caller or a confi…
- CVE-2026-62196HIGHCVSS 8.3EG 8.32026-07-13
OpenClaw versions 2026.3.22 before 2026.6.6 contain an authorization bypass vulnerability where WhatsApp group IDs can satisfy elevated sender allowlists. Attackers with lower-trust access can perform actions requiring stronger authorizati…
Map vulnerabilities like CWE-863 to your infrastructure
EchelonGraph correlates every CVE — across CWE-863 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →