CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

814 vulnerabilities with CWE-266
CVE-2026-1894 MEDIUM
WeKan <8.20 - Auth Bypass
CVSS 6.3
CVE-2026-1892 MEDIUM
WeKan <8.20 - Auth Bypass
CVSS 5.0
CVE-2026-1733 MEDIUM
Crmeb < 5.6.3 - Improper Authorization
CVSS 4.3
CVE-2026-1702 MEDIUM
Mayurik Pet Grooming Management Software - Improper Authorization
CVSS 6.3
CVE-2026-1597 MEDIUM
Bdtask SalesERP <20260116 - Auth Bypass
CVSS 6.3
CVE-2026-1550 MEDIUM
Phpgurukul Hospital Management System - Improper Authorization
CVSS 6.3
CVE-2026-1411 MEDIUM
Beetel 777vr1 Firmware < 01.00.09_55 - Improper Access Control
CVSS 6.1
CVE-2026-1193 MEDIUM
Mineadmin - Improper Authorization
CVSS 6.3
CVE-2026-1141 MEDIUM
Phpgurukul News Portal - Improper Authorization
CVSS 6.3
CVE-2026-1112 MEDIUM
Publiccms < 5.202506.d - Improper Authorization
CVSS 5.4
CVE-2026-1106 MEDIUM
Chamilo LMS <2.0.0 Beta 1 - Auth Bypass
CVSS 5.4
CVE-2026-23800 CRITICAL
Modular DS <2.6.0 - Privilege Escalation
CVSS 10.0
CVE-2026-22916 MEDIUM
Sick Tdc-x401gl Firmware - Incorrect Privilege Assignment
CVSS 4.3
CVE-2026-22914 MEDIUM
Sick Tdc-x401gl Firmware - Incorrect Privilege Assignment
CVSS 4.3
CVE-2026-22908 CRITICAL
Sick Tdc-x401gl Firmware < 1.4.0 - Incorrect Privilege Assignment
CVSS 9.1
CVE-2026-22907 CRITICAL
Sick Tdc-x401gl Firmware < 1.4.0 - Incorrect Privilege Assignment
CVSS 9.9
CVE-2026-23550 CRITICAL
Modular DS - Privilege Escalation
CVSS 9.8
CVE-2026-20852 HIGH
Windows Hello < Privilege Escalation
CVSS 7.7
CVE-2026-20804 HIGH
Windows Hello < Privilege Escalation
CVSS 7.7
CVE-2026-0574 MEDIUM
yeqifu warehouse <aaf29962ba407d22d991781de28796ee7b4670e4 - Privil...
CVSS 6.3
CVE-2025-15597 MEDIUM
Dataease SQLBot <1.4.0 - Auth Bypass
CVSS 6.3
CVE-2025-33179 HIGH
NVIDIA Cumulus Linux/NVOS - Privilege Escalation
CVSS 8.0
CVE-2025-69378 HIGH
XforWooCommerce Product Filter <=9.1.2 - Privilege Escalation
CVSS 7.2
CVE-2025-14282 MEDIUM
Dropbear - Privilege Escalation
CVSS 5.4
CVE-2025-14778 MEDIUM
Org.keycloak Keycloak-services - Incorrect Privilege Assignment
CVSS 5.4
Details
Vulnerabilities 814
Links
MITRE CWE Entry Search this CWE With Exploits