CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,643 vulnerabilities with CWE-269
CVE-2025-66314 HIGH
ZTE ElasticNet UME R32 - Privilege Escalation
CVSS 7.5
CVE-2025-66266 CRITICAL
UPSilon 2000 - Privilege Escalation
CVE-2025-66265 MEDIUM
CMService.exe - Privilege Escalation
CVE-2025-33188 HIGH
NVIDIA DGX Spark GB10 - Info Disclosure
CVSS 8.0
CVE-2025-33187 CRITICAL
NVIDIA DGX Spark GB10 - Privilege Escalation
CVSS 9.3
CVE-2025-13559 CRITICAL
EduKart Pro <1.0.3 - Privilege Escalation
CVSS 9.8
CVE-2025-54821 LOW
Fortinet Fortiproxy < 7.6.4 - Improper Privilege Management
CVSS 1.9
CVE-2025-40548 CRITICAL
Solarwinds Serv-u < 15.5.3 - Improper Privilege Management
CVSS 9.1
CVE-2025-20346 MEDIUM
Cisco Catalyst Center - Privilege Escalation
CVSS 4.3
CVE-2025-11923 HIGH
LifterLMS - Privilege Escalation
CVSS 8.8
CVE-2025-59514 HIGH
Microsoft Windows 10 1607 - Improper Privilege Management
CVSS 7.8
CVE-2025-24863 MEDIUM
Intel(R) CIP <WIN_DCA_2.4.0.11001 - Info Disclosure
CVSS 6.5
CVE-2025-24838 HIGH
Intel Computing Improvement Program - Improper Privilege Management
CVSS 8.8
CVE-2025-24307 LOW
Intel Computing Improvement Program - Improper Privilege Management
CVSS 2.0
CVE-2025-11457 CRITICAL
EasyCommerce <1.5.0 - Privilege Escalation
CVSS 9.8
CVE-2025-11168 HIGH
Mementor Core <2.2.5 - Privilege Escalation
CVSS 8.8
CVE-2025-64507 HIGH
Linuxcontainers Incus < 6.0.6 - Improper Privilege Management
CVSS 7.8
CVE-2025-12726 HIGH
Google Chrome <142.0.7444.137 - Privilege Escalation
CVSS 7.5
CVE-2025-12405 HIGH
Looker Studio - Privilege Escalation
CVE-2025-64489 HIGH
Salesagility Suitecrm < 7.14.8 - Improper Privilege Management
CVSS 8.3
CVE-2025-64436 MEDIUM
Kubevirt < 1.5.3 - Improper Privilege Management
CVSS 5.3
CVE-2025-64338 CRITICAL
Oxygenz Clipbucket < 5.5.2-157 - XSS
CVSS 9.0
CVE-2025-64336 MEDIUM
Oxygenz Clipbucket < 5.5.2-147 - XSS
CVSS 5.4
CVE-2025-12485 HIGH
Devolutions Server < 2025.2.17.0 - Improper Privilege Management
CVSS 8.8
CVE-2025-46364 CRITICAL
Dell CloudLink <8.1.1 - Privilege Escalation
CVSS 9.1
Details
Vulnerabilities 2,643
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits