Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

914 vulnerabilities with CWE-266

CVE-2025-36007 HIGH

IBM QRadar SIEM 7.5-7.5.0 Update Pack 13 Independent Fix 02 - Privilege Escalation via Update Script

CVE-2025-12304 MEDIUM

TIME-SEA-PLUS <fb299162f18498dd9cf17da906886d80a077d53b - Auth Bypass

CVE-2025-62007 HIGH

bPlugins Voice Feedback <=1.0.3 - Privilege Escalation

CVE-2025-60222 HIGH

SUMO Memberships for WooCommerce <= 7.6.0 - Privilege Escalation

CVE-2025-60220 CRITICAL

CouponXxL <3.0.0 - Privilege Escalation

CVE-2025-60211 HIGH

extendons WooCommerce Registration Fields Plugin - Custom Signup Fi...

CVE-2025-59580 HIGH

Goodlayers Core < 2.1.7 - Privilege Escalation

CVE-2025-53428 HIGH

N-Media Simple User Registration <6.4 - Privilege Escalation

CVE-2025-53425 HIGH

Dokan <4.1.2 - Privilege Escalation

CVE-2025-49924 HIGH

Wholesale Suite <2.2.4.2 - Privilege Escalation

CVE-2025-48082 HIGH

Progress Planner <= 1.8.0 - Privilege Escalation

CVE-2025-62645 CRITICAL

Restaurant Brands International Assistant < 2025-09-06 Privilege Escalation via GraphQL

CVE-2025-11853 MEDIUM

Sismics Teedy < 1.11 - Improper Access Control in API Endpoint

CVE-2025-10577 HIGH

HP Sound Research SECOMN64 Driver - Incorrect Privilege Assignment

CVE-2025-10576 HIGH

HP Sound Research SECOMN64 Driver - Incorrect Privilege Assignment

CVE-2025-10038 MEDIUM

Binary MLM Plan <3.0 - Privilege Escalation

CVE-2025-11646 MEDIUM

Furbo 360 Dog Camera Firmware < 036 and Furbo Mini Firmware < 074 - Improper Access Controls in GATT Service

CVE-2025-11641 LOW

Furbo 360 Dog Camera Firmware < 036 and Furbo Mini Firmware < 074 - Improper Access Control in Trial Restriction Handler

CVE-2025-11554 MEDIUM

Portabilis i-Educar <2.9.10 - Privilege Escalation

CVE-2025-11440 MEDIUM

JhumanJ OpnForm <1.9.3 - Improper Access Controls

CVE-2025-61785 LOW

Deno < 2.2.15 and 2.3.0-2.5.2 - Incorrect Privilege Assignment via FsFile utime Methods

CVE-2025-43914 HIGH

Dell PowerProtect Data Domain BoostFS Incorrect Privilege Assignment

CVE-2025-11281 MEDIUM

Frappe LMS 2.35.0 - Info Disclosure

CVE-2025-11272 MEDIUM

SeriaWei ZKEACMS <4.3 - Auth Bypass

CVE-2025-10725 CRITICAL

Red Hat Openshift AI Service - Privilege Escalation

Previous Page 14 of 37 Next

Details

Vulnerabilities 914

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy