CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,778 vulnerabilities with CWE-269
CVE-2025-26706 MEDIUM
ZTE GoldenDB 6.1.03-6.1.03.07 - Privilege Escalation
CVSS 5.4
CVE-2025-26705 MEDIUM
ZTE GoldenDB 6.1.03-6.1.03.05 - Privilege Escalation
CVSS 5.3
CVE-2025-26704 MEDIUM
ZTE GoldenDB 6.1.03-6.1.03.05 - Privilege Escalation
CVSS 6.4
CVE-2025-26703 MEDIUM
ZTE GoldenDB 6.1.03-6.1.03.04 - Privilege Escalation
CVSS 4.3
CVE-2025-26707 MEDIUM
ZTE GoldenDB <6.1.03.05 - Privilege Escalation
CVSS 5.3
CVE-2025-0177 CRITICAL
Javo Core <3.0.0.080 - Privilege Escalation
CVSS 9.8
CVE-2025-1121 MEDIUM
Google ChromeOS 15786.48.2 - Privilege Escalation via Recovery Image Handling
CVSS 6.8
CVE-2025-27644 HIGH
Vasion Print < 20.0.2368 and Virtual Appliance < 22.0.933 - Local Privilege Escalation
CVSS 7.8
CVE-2025-27639 HIGH
Vasion Print < 20.0.2614 and Virtual Appliance < 22.0.1002 - Privilege Escalation
CVSS 8.8
CVE-2025-1425 MEDIUM
PocketBook InkPad Color 3 - Privilege Escalation
CVE-2025-1424 HIGH
PocketBook InkPad Color 3 <U743k3.6.8.3671 - Privilege Escalation
CVE-2025-1295 HIGH
Templines Elementor Helper Core <2.7 - Privilege Escalation
CVSS 8.8
CVE-2025-0893 HIGH
Symantec Diagnostic Tool <3.0.79 - Privilege Escalation
CVSS 7.8
CVE-2025-0327 HIGH
Windows Services - Privilege Escalation
CVSS 7.8
CVE-2025-25202 MEDIUM
Ash Authentication <4.1.0 - Info Disclosure
CVSS 6.5
CVE-2025-0180 CRITICAL
WP Foodbakery <3.3 - Privilege Escalation
CVSS 9.8
CVE-2025-23093 HIGH
Mitel OpenScape 4000 - Privilege Escalation
CVSS 8.8
CVE-2025-24805 MEDIUM
Mobile Security Framework < 4.3.1 - Improper Privilege Management via Access Token
CVSS 5.5
CVE-2025-22220 MEDIUM
VMware Aria Operations for Logs - Privilege Escalation
CVSS 4.3
CVE-2025-23007 MEDIUM
SonicWall NetExtender - Privilege Escalation via Log Export Function
CVSS 5.5
CVE-2025-0834 HIGH
Wondershare Dr.Fone <13.5.21 - Privilege Escalation
CVSS 7.8
CVE-2025-24353 MEDIUM
Directus < 11.2.0 - Improper Privilege Management via Share Feature
CVSS 5.0
CVE-2025-0651 HIGH
Cloudflare WARP <20 - Privilege Escalation
CVSS 7.1
CVE-2025-23208 HIGH
zot < 2.1.2 - Improper Privilege Management via Group Membership Append
CVSS 7.3
CVE-2025-21360 HIGH
Microsoft AutoUpdate < 4.76 - Elevation of Privilege
CVSS 7.8
Details
Vulnerabilities 2,778
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits