Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

815 vulnerabilities with CWE-266

CVE-2025-13808 HIGH

Orionsec Orion-ops < 2025-08-01 - Improper Authorization

CVE-2025-13807 MEDIUM

Orionsec Orion-ops < 2025-08-01 - Improper Authorization

CVE-2025-13806 HIGH

Nutzam Nutzboot < 2.6.0 - Incorrect Authorization

CVE-2025-13787 MEDIUM

Zentao < 21.7.7 - Improper Privilege Management

CVE-2025-45311 HIGH

fail2ban-client v0.11.2 - Privilege Escalation

CVE-2025-64761 HIGH

Openbao < 2.4.4 - Incorrect Privilege Assignment

CVE-2025-13576 MEDIUM

Fabian Blog Site - Improper Authorization

CVE-2025-0504 MEDIUM

Black Duck SCA <2025.10.0 - Privilege Escalation

CVE-2025-41115 CRITICAL

Grafana < 12.2.1 - Incorrect Privilege Assignment

CVE-2025-13443 MEDIUM

Macrozheng Mall < 1.0.3 - Improper Access Control

CVE-2025-65094 HIGH

Wbce Cms < 1.6.4 - Improper Authorization

CVE-2025-13250 MEDIUM

Datax-web < 2.1.2 - Improper Access Control

CVE-2025-13131 HIGH

Sonarr 4.0.15.2940 - Local Privilege Escalation

CVE-2025-13130 HIGH

Radarr 5.28.0.10274 - Privilege Escalation

CVE-2025-13118 MEDIUM

Macrozheng Mall < 1.0.3 - Improper Authorization

CVE-2025-13117 MEDIUM

Macrozheng Mall < 1.0.3 - Improper Authorization

CVE-2025-13116 MEDIUM

Macrozheng Mall < 1.0.3 - Improper Authorization

CVE-2025-13115 MEDIUM

Macrozheng Mall < 1.0.3 - Improper Authorization

CVE-2025-13114 MEDIUM

Macrozheng Mall-swarm < 1.0.3 - Improper Authorization

CVE-2025-2843 HIGH

Rhobs Observability-operator < 1.3.0 - Incorrect Privilege Assignment

CVE-2025-63384 MEDIUM

RISC-V Rocket-Chip <1.6 - Privilege Escalation

CVE-2025-56503 MEDIUM

Sublime Text 4 4200 - Privilege Escalation

CVE-2025-6325 CRITICAL

King Addons for Elementor <51.1.36 - Privilege Escalation

CVE-2025-62034 HIGH

uxper Togo <1.0.4 - Privilege Escalation

CVE-2025-60243 CRITICAL

Holest Engineering Selling Commander - Privilege Escalation

Previous Page 9 of 33 Next

Details

Vulnerabilities 815

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy