The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
2,566 vulnerabilities with CWE-269
CVE-2025-15576
FreeBSD Jails - Privilege Escalation
CVE-2025-15547
FreeBSD Jail - Privilege Escalation
CVE-2025-8899
HIGH
Paid Videochat Turnkey Site - Privilege Escalation
CVSS 8.8
CVE-2025-29165
CRITICAL
D-Link DIR-1253 MESH V1.6.1684 - Privilege Escalation
CVSS 9.8
CVE-2026-26416
HIGH
TCS Cognix Recon Client 3.0 - Privilege Escalation
CVSS 8.8
CVE-2026-28548
HIGH
Email App - Info Disclosure
CVSS 7.1
CVE-2026-29127
IDC SFX2100 - Privilege Escalation
CVE-2026-29124
IDC SFX2100 - Privilege Escalation
CVE-2026-29123
IDC SFX2100 - Privilege Escalation
CVE-2026-29122
IDC SFX2100 - Privilege Escalation
CVE-2026-29121
IDC SFX2100 - Privilege Escalation
CVE-2026-27803
HIGH
Vaultwarden <1.35.4 - Privilege Escalation
CVSS 8.3
CVE-2026-27802
HIGH
Vaultwarden <1.35.4 - Privilege Escalation
CVSS 8.3
CVE-2026-20044
MEDIUM
Cisco Secure FMC - Privilege Escalation
CVSS 6.0
CVE-2025-63909
HIGH
Cohesity TranZman 4.0 Build 14614 - Privilege Escalation
CVSS 7.2
CVE-2026-1492
CRITICAL
WordPress User Registration & Membership Plugin <=5.1.2 - Privilege...
CVSS 9.8
CVE-2026-1566
HIGH
LatePoint Calendar Booking Plugin <5.2.7 - Privilege Escalation
CVSS 8.8
CVE-2026-21882
HIGH
theshit <0.2.0 - Privilege Escalation
CVSS 8.4
CVE-2026-0032
HIGH
mem_protect.c - Privilege Escalation
CVSS 7.8
CVE-2026-0029
HIGH
pkvm.c - Memory Corruption
CVSS 8.4
CVE-2026-0023
HIGH
PackageInstallerService - Privilege Escalation
CVSS 7.8
CVE-2025-48645
HIGH
DeviceAdminInfo.java - Privilege Escalation
CVSS 7.8
CVE-2025-48613
HIGH
VBMeta - Privilege Escalation
CVSS 7.8
CVE-2025-12981
CRITICAL
Listee Theme for WordPress <=1.1.6 - Privilege Escalation
CVSS 9.8
CVE-2026-27899
HIGH
WireGuard Portal <2.1.3 - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities
2,566
Exploit Likelihood
Medium