CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,771 vulnerabilities with CWE-269
CVE-2026-2640 MEDIUM
Lenovo PC Manager - Privilege Escalation
CVSS 5.5
CVE-2026-24510 MEDIUM
Dell AWCC <6.12.24.0 - Privilege Escalation
CVSS 6.7
CVE-2026-31852 CRITICAL
Jellyfin jellyfin-ios - Code Injection
CVSS 10.0
CVE-2026-30902 HIGH
Zoom Client for Windows - Privilege Escalation
CVSS 7.8
CVE-2026-1993 HIGH
ExactMetrics 7.1.0-9.0.2 - Privilege Escalation
CVSS 8.8
CVE-2026-2631 CRITICAL
Datalogics Ecommerce Delivery <2.6.60 - Privilege Escalation
CVSS 9.8
CVE-2026-31834 HIGH
Umbraco 15.3.1-16.5.0/17.2.1 - Privilege Escalation
CVSS 7.2
CVE-2026-30960 CRITICAL
rssn < 0.2.9 - Arbitrary Code Execution via JIT Compilation Engine
CVE-2026-26416 HIGH
TCS Cognix Recon Client 3.0 - Privilege Escalation
CVSS 8.8
CVE-2026-28548 HIGH
HarmonyOS - Improper Privilege Management in Email Application
CVSS 7.1
CVE-2026-29127 HIGH
datacast SFX2100 Firmware - Improper Privilege Management via Overly Permissive Home Directory Permissions
CVSS 7.8
CVE-2026-29124 HIGH
International Data Casting SFX2100 Satellite Receiver - Local Privilege Escalation via SUID Binaries
CVSS 7.8
CVE-2026-29123 HIGH
International Data Casting SFX2100 Firmware - Local Privilege Escalation via SUID Binary Execution
CVSS 7.8
CVE-2026-29122 MEDIUM
International Data Casting SFX2100 Firmware - Local Privilege Escalation via Setuid /bin/date Utility
CVSS 5.5
CVE-2026-29121 HIGH
International Data Casting SFX2100 Firmware - Improper Privilege Management via Setuid ip Utility
CVSS 7.8
CVE-2026-27803 HIGH
Vaultwarden <1.35.4 - Privilege Escalation
CVSS 8.3
CVE-2026-27802 HIGH
Vaultwarden <1.35.4 - Privilege Escalation
CVSS 8.3
CVE-2026-20044 MEDIUM
Cisco Secure FMC - Privilege Escalation
CVSS 6.0
CVE-2026-1492 CRITICAL
WordPress User Registration & Membership Plugin <=5.1.2 - Privilege Escalation
CVSS 9.8
CVE-2026-1566 HIGH
LatePoint Calendar Booking Plugin <5.2.7 - Privilege Escalation
CVSS 8.8
CVE-2026-21882 HIGH
theshit <0.2.0 - Privilege Escalation
CVSS 8.4
CVE-2026-0032 HIGH
mem_protect.c - Privilege Escalation
CVSS 7.8
CVE-2026-0029 HIGH
Android - Local Privilege Escalation via PKVM Initialization Logic Error
CVSS 8.4
CVE-2026-0023 HIGH
PackageInstallerService - Privilege Escalation
CVSS 7.8
CVE-2026-27899 HIGH
WireGuard Portal <2.1.3 - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities 2,771
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits