Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

917 vulnerabilities with CWE-266

CVE-2025-5424 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in Media Page

CVE-2025-5423 MEDIUM

juzaweb CMS < 3.4.2 - Improper Access Control in General Setting Page

CVE-2025-5422 MEDIUM

juzaweb CMS 3.4-3.4.2 - Improper Access Control in Email Logs Page

CVE-2025-5421 MEDIUM

juzaweb CMS 3.4-3.4.2 - Improper Access Control in Plugin Editor Page

CVE-2025-5409 HIGH

Mist Community Edition < 4.7.2 - Improper Access Control in API Token Handler

CVE-2025-5390 MEDIUM

JeeWMS < 2025-05-04 - Improper Access Control in File Handler

CVE-2025-5389 MEDIUM

JeeWMS < 2025-05-04 - Improper Access Control in File Handler

CVE-2025-5387 MEDIUM

JeeWMS < 2025-05-04 - Improper Access Control in File Handler

CVE-2025-4493 MEDIUM

Devolutions Server <= 2024.3.15.0 and 2025.1.3.0-2025.1.7.0 - Incorrect Privilege Assignment via PAM JIT User Interface

CVE-2025-5175 MEDIUM

erdogant pypickle < 2.0.0 - Improper Authorization in Save Function

CVE-2025-5163 MEDIUM

yangshare warehouse_management_system 1.0 - Improper Access Control

CVE-2025-48741 MEDIUM

StrangeBee TheHive <5.2.16-5.3.11-5.4.10 - Info Disclosure

CVE-2025-47631 HIGH

Mojoomla Hospital Management System <11 - Privilege Escalation

CVE-2025-47539 CRITICAL

Eventin <= 4.0.26 - Privilege Escalation via Incorrect Privilege Assignment

CVE-2025-39489 CRITICAL

Pebas CouponXL <4.5.0 - Privilege Escalation

CVE-2025-31918 CRITICAL

Simple Business Directory Pro <15.4.8 - Privilege Escalation

CVE-2025-48695 MEDIUM

CyberDAVA <1.1.20 - Privilege Escalation

CVE-2025-4692 MEDIUM

ABUP Cloud Update Platform - Privilege Escalation

CVE-2025-47291 HIGH

containerd 2.0.1-2.0.4 - Denial of Service via Incorrect Cgroup Hierarchy Assignment

CVE-2025-39366 HIGH

Rocket Apps wProject <5.8.0 - Privilege Escalation

CVE-2025-39459 HIGH

Contempo Themes Real Estate <3.5.2 - Privilege Escalation

CVE-2025-39405 HIGH

mojoomla WPAMS <44.0 - Privilege Escalation

CVE-2025-4819 LOW

y_project RuoYi 4.8.0 - Auth Bypass

CVE-2025-0135 LOW

Palo Alto Networks GlobalProtect <macOS - Privilege Escalation

CVE-2025-0131 HIGH

Palo Alto Networks GlobalProtect - Privilege Escalation

Previous Page 21 of 37 Next

Details

Vulnerabilities 917

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy