Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-266

CWE-266

Incorrect Privilege Assignment

Parent: CWE-269 - Improper Privilege Management

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

914 vulnerabilities with CWE-266

CVE-2026-2206 MEDIUM

Wekan < 8.21 - Improper Access Control in Administrative Repair Handler

CVE-2026-2109 MEDIUM

jsbroks COCO Annotator <0.11.1 - Auth Bypass

CVE-2026-2107 MEDIUM

yeqifu warehouse - Improper Authorization in Log Info Handler

CVE-2026-2106 MEDIUM

yeqifu warehouse - Incorrect Privilege Assignment in Notice Management

CVE-2026-2105 MEDIUM

yeqifu warehouse - Incorrect Privilege Assignment in Department Management

CVE-2026-2079 MEDIUM

yeqifu warehouse - Incorrect Privilege Assignment in Menu Management

CVE-2026-2078 MEDIUM

yeqifu warehouse - Incorrect Privilege Assignment in Permission Management

CVE-2026-2077 MEDIUM

yeqifu warehouse - Incorrect Privilege Assignment in Role Management Handler

CVE-2026-2076 MEDIUM

yeqifu warehouse < 2025-10-06 - Improper Authorization in User Management Endpoint

CVE-2026-2075 MEDIUM

yeqifu warehouse - Incorrect Privilege Assignment in Role-Permission Binding Handler

CVE-2026-2015 MEDIUM

Portabilis i-Educar <2.10 - Privilege Escalation

CVE-2026-2010 MEDIUM

Sanluan PublicCMS <4.0-6.202506.d - Privilege Escalation

CVE-2026-2009 MEDIUM

SourceCodester Gas Agency Management System 1.0 - Info Disclosure

CVE-2026-1964 MEDIUM

Wekan < 8.21 - Improper Access Control in REST Endpoint

CVE-2026-1963 MEDIUM

WeKan < 8.21 - Improper Access Control in Attachment Storage

CVE-2026-1962 MEDIUM

Wekan < 8.21 - Improper Access Controls in Attachment Migration

CVE-2026-1898 MEDIUM

Wekan < 8.21 - Improper Access Control in LDAP User Sync

CVE-2026-1896 MEDIUM

WeKan <8.20 - Improper Access Controls

CVE-2026-1895 MEDIUM

WeKan <8.20 - Improper Access Controls

CVE-2026-1894 MEDIUM

Wekan < 8.21 - Improper Authorization via REST API Checklist Items Manipulation

CVE-2026-1892 MEDIUM

Wekan < 8.21 - Improper Authorization via setBoardOrgs Function

CVE-2026-1733 MEDIUM

crmeb < 5.6.3 - Improper Authorization via Order ID Manipulation

CVE-2026-1702 MEDIUM

Pet Grooming Management Software 1.0 - Incorrect Privilege Assignment in User Management

CVE-2026-1597 MEDIUM

Bdtask SalesERP <20260116 - Auth Bypass

CVE-2026-1550 MEDIUM

PHPGurukul Hospital Management System 1.0 - Incorrect Privilege Assignment in Admin Dashboard Page

Previous Page 9 of 37 Next

Details

Vulnerabilities 914

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy