CVE & Exploit Intelligence Database

CVE-2026-21736 4.4 MEDIUM

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory. This is caused by improper handling of the memory protections for the user-mode wrapped memory resource.

CWE-280 Mar 09, 2026

CVE-2026-0047 8.4 HIGH EPSS 0.00

In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE-280 Mar 02, 2026

CVE-2026-1772 5.3 MEDIUM EPSS 0.00

RTU500 web interface: An unprivileged user can read user management information. The information cannot be accessed via the RTU500 web user interface but requires further tools like browser development utilities to access them without required privileges.

CWE-280 Feb 24, 2026

CVE-2026-23857 8.2 HIGH EPSS 0.00

Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

CWE-280 Feb 12, 2026

CVE-2025-67848 8.1 HIGH EPSS 0.00

A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access to the system. This can lead to information disclosure or other unauthorized actions by users who should be restricted.

CWE-280 Feb 03, 2026

CVE-2026-20817 7.8 HIGH 1 PoC Analysis EPSS 0.00

Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.

CWE-280 Jan 13, 2026

CVE-2025-46066 9.9 CRITICAL EPSS 0.00

An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges

CWE-280 Jan 12, 2026

CVE-2025-64997 6.5 MEDIUM EPSS 0.00

Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.

CWE-280 Dec 18, 2025

CVE-2025-43527 7.8 HIGH EPSS 0.00

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to gain root privileges.

CWE-280 Dec 12, 2025

CVE-2025-58770 8.8 HIGH EPSS 0.00

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability.

CWE-280 Dec 12, 2025

CVE-2025-58122 5.4 MEDIUM EPSS 0.00

Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure.

CWE-280 Nov 18, 2025

CVE-2025-58121 5.4 MEDIUM EPSS 0.00

Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain sensitive information

CWE-280 Nov 18, 2025

CVE-2025-58410 7.5 HIGH EPSS 0.00

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource.

CWE-280 Nov 17, 2025

CVE-2025-62510 8.1 HIGH 1 Writeup EPSS 0.00

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In version 1.4.0, a regression allowed folder visibility/ownership to be inferred from folder names. Low-privilege users could see or interact with folders matching their username and, in some cases, other users’ content. This issue has been patched in version 1.5.0, where it introduces explicit per-folder ACLs (owners/read/write/share/read_own) and strict server-side checks across list, read, write, share, rename, copy/move, zip, and WebDAV paths.

CWE-284 Oct 20, 2025

CVE-2025-62509 8.1 HIGH 1 Writeup EPSS 0.00

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to version 1.4.0, a business logic flaw in FileRise’s file/folder handling allows low-privilege users to perform unauthorized operations (view/delete/modify) on files created by other users. The root cause was inferring ownership/visibility from folder names (e.g., a folder named after a username) and missing server-side authorization/ownership checks across file operation endpoints. This amounted to an IDOR pattern: an attacker could operate on resources identified only by predictable names. This issue has been patched in version 1.4.0 and further hardened in version 1.5.0. A workaround for this issue involves restricting non-admin users to read-only or disable delete/rename APIs server-side, avoid creating top-level folders named after other usernames, and adding server-side checks that verify ownership before delete/rename/move.

CWE-284 Oct 20, 2025

CVE-2025-62176 4.3 MEDIUM 1 Writeup EPSS 0.00

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, the streaming server accepts serving events for public timelines to clients using any valid authentication token, even if those tokens lack the read:statuses scope. This allows OAuth clients without the read scope to subscribe to public channels and receive public timeline events. The impact is limited, as this only affects new public posts published on the public timelines and requires an otherwise valid token, but this may lead to unexpected access to public posts in a limited-federation setting. This issue has been patched in versions 4.4.6, 4.3.14, and 4.2.27. No known workarounds exist.

CWE-280 Oct 13, 2025

CVE-2025-45376 7.5 HIGH EPSS 0.00

Dell Repository Manager (DRM), versions 3.4.7 and 3.4.8, contains an Improper Handling of Insufficient Permissions or Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.

CWE-280 Sep 29, 2025

CVE-2025-58457 4.3 MEDIUM EPSS 0.00

Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be mitigated by disabling both commands (via admin.snapshot.enabled and admin.restore.enabled), disabling the whole AdminServer interface (via admin.enableServer), or ensuring that the root ACL does not provide open permissions. (Note that ZooKeeper ACLs are not recursive, so this does not impact operations on child nodes besides notifications from recursive watches.)

CWE-280 Sep 24, 2025

CVE-2025-59040 4.3 MEDIUM 1 Writeup EPSS 0.00

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Backlog item representations do not verify the permissions of the child trackers. Users might see tracker names they should not have access to. This vulnerability is fixed in Tuleap Community Edition 16.11.99.1757427600 and Tuleap Enterprise Edition 16.11-6 and 16.10-8.

CWE-280 Sep 18, 2025

CVE-2025-50170 7.8 HIGH EPSS 0.00

Improper handling of insufficient permissions or privileges in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CWE-280 Aug 12, 2025