Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

814 vulnerabilities with CWE-266

CVE-2026-1712 MEDIUM

Hypr Server < 10.7 - Privilege Escalation

CVE-2026-20110 MEDIUM

Cisco Ios XE Software < 16.6.1 - Denial of Service

CVE-2026-4617 HIGH

SourceCodester Patients Waiting Area Queue Management System Patient Check-In api_patient_checkin.php ValidateToken improper authorization

CVE-2026-4548 MEDIUM

mickasmt next-saas-stripe-starter update-user-role.ts updateUserrole improper authorization

CVE-2026-4514 MEDIUM

PbootCMS Backend UserController.php access control

CVE-2026-27542 CRITICAL

WordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Privilege Escalation vulnerability

CVE-2026-4194 HIGH

D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control

CVE-2026-4193 HIGH

D-Link DIR-823G goahead UpdateClientInfo access control

CVE-2026-4180 HIGH

D-Link DIR-816 1.10CNB05 - Auth Bypass

CVE-2026-4013 MEDIUM

SourceCodester Pharmacy System 1.0 - Auth Bypass

CVE-2026-3817 MEDIUM

Patients Waiting Area Queue 1.0 - Auth Bypass

CVE-2026-3796 MEDIUM

Qi-ANXIN QAX Virus Removal - Privilege Escalation

CVE-2026-3764 HIGH

SourceCodester Client DBMS 1.0 - Auth Bypass

CVE-2026-3762 HIGH

SourceCodester CDMS 1.0/3.1 - Auth Bypass

CVE-2026-3761 MEDIUM

SourceCodester Client DBMS 1.0 - Auth Bypass

CVE-2026-3738 MEDIUM

SourceCodester Pet Grooming 1.0 - Auth Bypass

CVE-2026-3737 MEDIUM

SourceCodester Pet Grooming 1.0 - Auth Bypass

CVE-2026-3734 HIGH

SourceCodester Client DBMS 1.0 - Auth Bypass

CVE-2026-3724 MEDIUM

Patients Waiting Area Queue 1.0 - Auth Bypass

CVE-2026-3675 MEDIUM

Freedom Factory dGEN1 <20260221 - Auth Bypass

CVE-2026-3674 MEDIUM

Freedom Factory dGEN1 <20260221 - Auth Bypass

CVE-2026-3671 LOW

Freedom Factory dGEN1 <20260221 - Auth Bypass

CVE-2026-3670 MEDIUM

Freedom Factory dGEN1 <=20260221 - Privilege Escalation

CVE-2026-3669 MEDIUM

Freedom Factory dGEN1 <20260221 - Privilege Escalation

CVE-2026-3668 LOW

Freedom Factory dGEN1 <=20260221 - Auth Bypass

Previous Page 3 of 33 Next

Details

Vulnerabilities 814

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy