CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,643 vulnerabilities with CWE-269
CVE-2025-67781 CRITICAL
Drivelock < 24.1.6 - Improper Privilege Management
CVSS 9.9
CVE-2025-14252 HIGH
Advantech SUSI <5.0.24335 - Privilege Escalation
CVSS 7.8
CVE-2025-43512 HIGH
macOS Tahoe <26.2 - Privilege Escalation
CVSS 7.8
CVE-2025-43320 HIGH
macOS Tahoe <26 - Privilege Escalation
CVSS 7.8
CVE-2025-67727 CRITICAL
Parseplatform Parse-server < 8.5.0 - Code Injection
CVSS 9.8
CVE-2025-13764 CRITICAL
WP CarDealer <1.2.16 - Privilege Escalation
CVSS 9.8
CVE-2025-12952 HIGH
Google Cloud's Dialogflow CX - Privilege Escalation
CVE-2025-12381 HIGH
Algosec Firewall Analyzer - Improper Privilege Management
CVSS 7.8
CVE-2025-66324 HIGH
Compression Module - Info Disclosure
CVSS 8.4
CVE-2025-13292 HIGH
Apigee-X - Privilege Escalation
CVE-2025-62686 MEDIUM
Plugin-alliance Installation Manager - Improper Privilege Management
CVSS 6.2
CVE-2025-55076 MEDIUM
Plugin Alliance Installation Manager <1.4.0 - Privilege Escalation
CVSS 6.2
CVE-2025-7044 HIGH
Canonical Maas < 3.3.11 - Improper Privilege Management
CVSS 7.7
CVE-2025-13542 CRITICAL
DesignThemes LMS <1.0.4 - Privilege Escalation
CVSS 9.8
CVE-2025-59705 MEDIUM
Entrust Nshield 5C Firmware < 13.6.12 - Improper Privilege Management
CVSS 6.8
CVE-2025-59697 HIGH
Entrust Nshield 5C Firmware < 13.6.12 - Improper Access Control
CVSS 7.2
CVE-2025-59693 CRITICAL
Entrust Nshield 5C Firmware < 13.6.12 - Improper Privilege Management
CVSS 9.8
CVE-2025-13534 MEDIUM
Elula Wsdesk < 3.3.3 - Improper Privilege Management
CVSS 6.3
CVE-2025-65621 MEDIUM
Snipeitapp Snipe-it < 8.3.4 - XSS
CVSS 5.4
CVE-2025-13787 MEDIUM
Zentao < 21.7.7 - Improper Privilege Management
CVSS 5.4
CVE-2025-59790 MEDIUM
Apache Kvrocks < 2.14.0 - Improper Privilege Management
CVSS 5.4
CVE-2025-13680 HIGH
Tiger theme WordPress - Privilege Escalation
CVSS 8.8
CVE-2025-13675 CRITICAL
Tiger theme <101.2.1 - Privilege Escalation
CVSS 9.8
CVE-2025-13540 CRITICAL
Tiare Membership <1.2 - Privilege Escalation
CVSS 9.8
CVE-2025-13538 CRITICAL
WordPress <1.0.5 - Privilege Escalation
CVSS 9.8
Details
Vulnerabilities 2,643
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits