Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

917 vulnerabilities with CWE-266

CVE-2025-3305 MEDIUM

IKUN_Library 1.0 - Improper Access Controls

CVE-2025-3298 MEDIUM

SourceCodester Online Eyewear Shop 1.0 - Info Disclosure

CVE-2025-3256 MEDIUM

xujiangfei admintwo 1.0 - Improper Access Controls

CVE-2025-3255 MEDIUM

xujiangfei admintwo 1.0 - Improper Access Controls

CVE-2025-31420 HIGH

Tomdever wpForo Forum <2.4.2 - Privilege Escalation

CVE-2025-3237 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-3236 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-3202 HIGH

ageerle ruoyi-ai < 2.0.1 - Improper Authorization in SysNoticeController

CVE-2025-3199 HIGH

ruoyi-ai < 2.0.2 - Unauthenticated Improper Authorization in SysModelController

CVE-2025-31560 HIGH

Salonbookingsystem Salon Booking System < 10.11 - Incorrect Privilege Assignment

CVE-2025-29036 MEDIUM

hackathon-starter <8.1.0 - Privilege Escalation

CVE-2025-27095 MEDIUM

JumpServer <4.8.0, 3.10.18 - Privilege Escalation

CVE-2025-2996 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2995 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2994 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2993 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2992 MEDIUM

Tenda FH1202 1.2.0.14(408 - Improper Access Controls

CVE-2025-2991 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2990 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2989 MEDIUM

Tenda FH1202 1.2.0.14(408) - Info Disclosure

CVE-2025-2955 MEDIUM

TOTOLINK A3000RU <5.9c.5185 - Improper Access Controls

CVE-2025-2954 LOW

mannaandpoem OpenManus <2025.3.13 - Improper Access Controls

CVE-2025-2713 HIGH

gVisor < 20240325.0 - Local Privilege Escalation via File Access Permission Mishandling

CVE-2025-26512 CRITICAL

SnapCenter < 6.0.1P1 and < 6.1P1 - Authenticated Privilege Escalation to Admin via Plug-in

CVE-2025-2688 MEDIUM

TOTOLINK A3000RU <5.9c.5185 - Improper Access Controls

Previous Page 24 of 37 Next

Details

Vulnerabilities 917

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy