CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,643 vulnerabilities with CWE-269
CVE-2025-12683 MEDIUM
Everything - Privilege Escalation
CVE-2025-8900 CRITICAL
Doccure Core <1.5.4 - Privilege Escalation
CVSS 9.8
CVE-2025-8489 CRITICAL
King Addons for Elementor - Privilege Escalation
CVSS 9.8
CVE-2025-48982 HIGH
Veeam Agent for Microsoft Windows - Privilege Escalation
CVSS 7.8
CVE-2025-61429 HIGH
NCR Atleos Terminal Manager <3.4.0 - Privilege Escalation
CVSS 8.8
CVE-2025-12425 HIGH
Azure-access Blu-ic2 Firmware < 1.20 - Improper Privilege Management
CVSS 7.8
CVE-2025-12424 CRITICAL
Azure-access Blu-ic2 Firmware < 1.20 - Improper Privilege Management
CVSS 9.8
CVE-2025-1037 HIGH
TropOS 4th Gen - Privilege Escalation
CVE-2025-11086 HIGH
Academy LMS - WordPress LMS Plugin <3.3.7 - Privilege Escalation
CVSS 8.1
CVE-2025-62592 MEDIUM
Oracle VM Virtualbox - Improper Privilege Management
CVSS 6.0
CVE-2025-61759 MEDIUM
Oracle VM Virtualbox - Improper Privilege Management
CVSS 6.5
CVE-2025-5496 LOW
Zohocorp Manageengine Endpoint Central < 11.4.2508.14 - Improper Privilege Management
CVSS 3.3
CVE-2025-7851 CRITICAL
Omada gateway - Privilege Escalation
CVSS 9.8
CVE-2025-6042 HIGH
Lisfinity Core - Privilege Escalation
CVSS 7.3
CVE-2025-56747 MEDIUM
Creativeitem Academy Lms < 5.13 - Improper Privilege Management
CVSS 6.5
CVE-2025-9068 HIGH
Rockwell Automation Driver Package x64 MSI - Privilege Escalation
CVSS 7.8
CVE-2025-9067 HIGH
FTLinx - Privilege Escalation
CVSS 7.8
CVE-2025-11533 CRITICAL
WP Freeio <1.2.21 - Privilege Escalation
CVSS 9.8
CVE-2025-61152 MEDIUM
python-jose <3.3.0 - Privilege Escalation
CVSS 6.5
CVE-2025-59247 HIGH
Microsoft Azure Playfab - Improper Privilege Management
CVSS 8.8
CVE-2025-11561 HIGH
Linux SSSD - Privilege Escalation
CVSS 8.8
CVE-2025-61786 LOW
Deno < 2.2.15 - Improper Privilege Management
CVSS 3.3
CVE-2025-34251 HIGH
Tesla TCU <2025.14 - Auth Bypass
CVE-2025-57443 MEDIUM
FrostWire 6.14.0-build-326 - Code Injection
CVSS 5.1
CVE-2025-10578 HIGH
HP Support Assistant < 9.47.41.0 - Improper Privilege Management
CVSS 7.8
Details
Vulnerabilities 2,643
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits