Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-1220

CWE-1220

Insufficient Granularity of Access Control

Parent: CWE-284 - Improper Access Control

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

85 vulnerabilities with CWE-1220

CVE-2026-9088 LOW

Keycloak: keycloak: information disclosure due to user profile permission bypass

CVE-2026-37981 MEDIUM

Keycloak: org.keycloak.authorization: keycloak: information disclosure via broken access control in user lookup endpoint

CVE-2026-40365 HIGH

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2026-35436 HIGH

Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

CVE-2026-40690 MEDIUM

Apache Airflow: Assets graph view bypasses DAG level access control displaying unrelated topologies and all DAGs names to unauthorized users

CVE-2026-38743 MEDIUM

Apache Airflow: Dags endpoint might provide access to otherwise inaccessible entities

CVE-2026-6356 CRITICAL

Augmentt 1.0 - Privilege Escalation

CVE-2026-6388 CRITICAL

Argocd-image-updater: argocd image updater: cross-namespace privilege escalation via insufficient namespace validation

CVE-2026-33825 HIGH KEV

Microsoft Defender Elevation of Privilege Vulnerability

CVE-2026-20107 MEDIUM

Cisco APIC 6.1(1f-3g) Authenticated DoS via Crafted CLI Commands

CVE-2026-0873 MEDIUM

Ercom Cryptobox >=v4.40.x - Authenticated Privilege Escalation to Global Administrator

CVE-2025-20628 MEDIUM

Insufficient granularity of access control for Remote Connector Servers in client mode

CVE-2025-48517 MEDIUM

SEV firmware - Privilege Escalation

CVE-2025-48514 MEDIUM

SEV firmware - Privilege Escalation

CVE-2025-11246 MEDIUM

GitLab CE/EE <18.5.5-18.7.1 - Privilege Escalation

CVE-2025-8306 MEDIUM

Asseco InfoMedica - Info Disclosure

CVE-2025-20305 MEDIUM

Cisco Identity Services Engine - Authenticated Sensitive Information Disclosure via Web Interface

CVE-2025-8053 CRITICAL

Opentext Flipper <3.1.2 - Privilege Escalation

CVE-2025-8049 HIGH

Opentext Flipper <3.1.2 - Privilege Escalation

CVE-2025-54461 MEDIUM

ChatLuck < V6.6 R2.0 - Unauthenticated Guest User Registration via Invitation Bypass

CVE-2025-7493 CRITICAL

FreeIPA - Privilege Escalation via krbCanonicalName Validation Bypass

CVE-2025-31961 LOW

HCL Connections - Unauthorized Data Update via Broken Access Control

CVE-2025-2498 LOW

Gitlab EE <18.0.6-18.2.2 - Auth Bypass

CVE-2025-22839 HIGH

Intel(R) Xeon(R) 6 Scalable - Privilege Escalation

CVE-2025-7001 MEDIUM

GitLab CE/EE <18.0.5-18.2.1 - Privilege Escalation

Page 1 of 4 Next

Details

Vulnerabilities 85

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy