Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

815 vulnerabilities with CWE-266

CVE-2025-15087 MEDIUM

Youlai-mall - Improper Authorization

CVE-2025-15086 MEDIUM

Youlai-mall - Improper Access Control

CVE-2025-15085 MEDIUM

Youlai-mall - Incorrect Authorization

CVE-2025-15084 LOW

Youlai-mall - Improper Access Control

CVE-2025-14889 MEDIUM

Campcodes Advanced Voting Management System - Improper Authorization

CVE-2025-64188 CRITICAL

PenciDesign Soledad <=8.6.9 - Privilege Escalation

CVE-2025-59134 HIGH

Sale! Immigration law - Privilege Escalation

CVE-2025-58710 HIGH

e-plugins Hotel Listing <1.4.0 - Privilege Escalation

CVE-2025-55707 HIGH

WPXPO PostX <4.1.35 - Privilege Escalation

CVE-2025-49379 HIGH

silverplugins217 Custom Fields Account Registration For Woocommerce...

CVE-2025-14749 MEDIUM

Shenzhenningyuandatechnology Tc155 Firmware - Improper Access Control

CVE-2025-14748 MEDIUM

Shenzhenningyuandatechnology Tc155 Firmware - Improper Access Control

CVE-2025-14503 HIGH

Harmonix on AWS <0.4.2 - Privilege Escalation

CVE-2025-13888 CRITICAL

Redhat-developer Gitops-operator - Incorrect Privilege Assignment

CVE-2025-14660 MEDIUM

DecoCMS Mesh <1.0.0-alpha.31 - Improper Access Control

CVE-2025-65807 HIGH

sd command <1.0.0 - Privilege Escalation

CVE-2025-14206 MEDIUM

SourceCodester Online Student Clearance System 1.0 - Auth Bypass

CVE-2025-14089 MEDIUM

Himool ERP <2.2 - Privilege Escalation

CVE-2025-14088 MEDIUM

ketr JEPaaS <7.2.8 - Auth Bypass

CVE-2025-14086 MEDIUM

Youlai-mall - Improper Access Control

CVE-2025-14052 MEDIUM

Youlai-mall - Improper Access Control

CVE-2025-55948 HIGH

X-SpringBoot 6.0 - SSRF

CVE-2025-14016 MEDIUM

Macrozheng Mall-swarm < 1.0.3 - Incorrect Authorization

CVE-2025-65842 MEDIUM

Aquarius HelperTool 1.0.003 - Privilege Escalation

CVE-2025-66296 HIGH

Grav <1.8.0-beta.27 - Privilege Escalation

Previous Page 8 of 33 Next

Details

Vulnerabilities 815

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy