CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,642 vulnerabilities with CWE-269
CVE-2026-27803 HIGH
Vaultwarden <1.35.4 - Privilege Escalation
CVSS 8.3
CVE-2026-27802 HIGH
Vaultwarden <1.35.4 - Privilege Escalation
CVSS 8.3
CVE-2026-20044 MEDIUM
Cisco Secure FMC - Privilege Escalation
CVSS 6.0
CVE-2026-1492 CRITICAL
WordPress User Registration & Membership Plugin <=5.1.2 - Privilege Escalation
CVSS 9.8
CVE-2026-1566 HIGH
LatePoint Calendar Booking Plugin <5.2.7 - Privilege Escalation
CVSS 8.8
CVE-2026-21882 HIGH
theshit <0.2.0 - Privilege Escalation
CVSS 8.4
CVE-2026-0032 HIGH
mem_protect.c - Privilege Escalation
CVSS 7.8
CVE-2026-0029 HIGH
pkvm.c - Memory Corruption
CVSS 8.4
CVE-2026-0023 HIGH
PackageInstallerService - Privilege Escalation
CVSS 7.8
CVE-2026-27899 HIGH
WireGuard Portal <2.1.3 - Privilege Escalation
CVSS 8.8
CVE-2026-22721 MEDIUM
VMware Aria Operations - Privilege Escalation
CVSS 6.2
CVE-2026-2914 HIGH
CyberArk Endpoint Privilege Manager <25.10.0 - Privilege Escalation
CVSS 7.8
CVE-2026-27208 CRITICAL
bleon-ethical/api-gateway-deploy 1.0.0 - Command Injection
CVSS 9.2
CVE-2026-2782 CRITICAL
Firefox <148 & ESR <140.8 - Privilege Escalation
CVSS 9.8
CVE-2026-2780 CRITICAL
Firefox <148 & ESR <140.8 - Privilege Escalation
CVSS 9.8
CVE-2026-2777 CRITICAL
Firefox <148 - Privilege Escalation
CVSS 9.8
CVE-2026-27198 HIGH
Formwork 2.0.0-2.3.3 - Privilege Escalation
CVSS 8.8
CVE-2026-26725 CRITICAL
Print Shop Pro WebDesk 18.34 - Privilege Escalation
CVSS 9.8
CVE-2026-26722 CRITICAL
Key Systems GFMS 20230721a - Privilege Escalation
CVSS 9.4
CVE-2026-1994 CRITICAL
s2Member WordPress Plugin <260127 - Privilege Escalation
CVSS 9.8
CVE-2026-0912 HIGH
Toret Manager Plugin 1.2.7 - Privilege Escalation
CVSS 8.8
CVE-2026-23599 HIGH
HPE Aruba ClearPass OnGuard Linux - Privilege Escalation
CVSS 7.8
CVE-2026-2563 MEDIUM
JingDong JD Cloud Box AX6600 <4.5.1.r4533 - Remote Privilege Escala...
CVSS 6.3
CVE-2026-2562 MEDIUM
JingDong JD Cloud Box AX6600 <4.5.1.r4533 - Remote Privilege Escala...
CVSS 6.3
CVE-2026-2561 MEDIUM
JingDong JD Cloud Box AX6600 <4.5.1.r4533 - Remote Privilege Escala...
CVSS 6.3
Details
Vulnerabilities 2,642
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits