CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,777 vulnerabilities with CWE-269
CVE-2025-26435 HIGH
Android - Improper Privilege Management in ContentProtectionTogglePreferenceController
CVSS 7.8
CVE-2025-36904 CRITICAL
Android WLAN - Privilege Escalation
CVSS 9.8
CVE-2025-36901 HIGH
Android WLAN - Privilege Escalation
CVSS 8.8
CVE-2025-36896 CRITICAL
Android WLAN - Privilege Escalation
CVSS 9.8
CVE-2025-36891 HIGH
Android - Improper Privilege Management
CVSS 8.8
CVE-2025-36890 CRITICAL
Android - Elevation of Privilege
CVSS 9.8
CVE-2025-32098 MEDIUM
Samsung Magician 6.3-8.3 - Elevation of Privileges to SYSTEM via Insecure File Delete Operations
CVSS 5.3
CVE-2025-57759 MEDIUM
Contao 5.3.0-5.3.37 - Improper Privilege Management for Page and Article Fields
CVSS 4.3
CVE-2025-55582 MEDIUM
D-Link DCS-825L <1.08.01 - Privilege Escalation
CVSS 6.6
CVE-2025-53105 HIGH
GLPI <10.0.19 - Privilege Escalation
CVSS 7.5
CVE-2025-36729 HIGH
Non-Primary Admin - Info Disclosure
CVSS 7.2
CVE-2025-6366 HIGH
Event List <2.0.4 - Privilege Escalation
CVSS 8.8
CVE-2025-5931 HIGH
Dokan Pro <4.0.5 - Privilege Escalation
CVSS 8.8
CVE-2025-57760 HIGH
Langflow - Authenticated Privilege Escalation via Internal CLI Command
CVSS 8.8
CVE-2025-55581 HIGH
D-Link DCS-825L <1.08.01 - Code Injection
CVSS 7.3
CVE-2025-55627 MEDIUM
Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime -3.0.0.46...
CVSS 5.3
CVE-2025-50674 HIGH
OpenMediaVault 7.4.17 - Privilege Escalation
CVSS 7.8
CVE-2025-8309 HIGH
ManageEngine - Privilege Escalation
CVSS 8.1
CVE-2025-6182 HIGH
StrongDM sdm < 47.49.0 - Improper Privilege Management via Certificate Handling
CVE-2025-8453 MEDIUM
Privileged Engineer User - Privilege Escalation, RCE
CVSS 6.7
CVE-2025-8218 HIGH
The Real Spaces - WordPress Properties Directory Theme <3.5 - Privi...
CVSS 8.8
CVE-2025-6758 CRITICAL
Imithemes Real Spaces - WordPress Properties Directory Theme <= 3.6 - Privilege Escalation
CVSS 9.8
CVE-2025-6080 HIGH
WPGYM - Wordpress Gym Management System <67.7.0 - Privilege Escalation
CVSS 8.8
CVE-2025-27847 MEDIUM
ESPEC North America Web Controller <3.3.8 - Privilege Escalation
CVSS 4.3
CVE-2025-27846 MEDIUM
ESPEC North America Web Controller <3.3.8 - Privilege Escalation
CVSS 4.3
Details
Vulnerabilities 2,777
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits