CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,509 vulnerabilities with CWE-276
CVE-2026-34450 MEDIUM
Claude SDK for Python: Insecure Default File Permissions in Local Filesystem Memory Tool
CVSS 4.4
CVE-2026-32983 MEDIUM
SSL/TLS Renegotiation DoS in Wazuh Manager authd service
CVSS 5.8
CVE-2026-0748 MEDIUM
Access bypass in Drupal 7 i18n_node translation UI
CVSS 4.3
CVE-2026-32680 HIGH
RATOC RAID Monitoring Manager for Windows <2.00.009.260220 - Privilege Escalation
CVSS 7.8
CVE-2026-24063 HIGH
World-writable uninstall script executed as root in Arturia Software Center
CVSS 8.2
CVE-2026-3315 HIGH
ASSA ABLOY Visionline <1.33 - Privilege Escalation
CVSS 7.8
CVE-2026-26131 HIGH
.NET 10.0 < 10.0.4 - Authenticated Privilege Escalation via Incorrect Default Permissions
CVSS 7.8
CVE-2026-28267 MEDIUM
i- - Incorrect Default Permissions
CVSS 5.5
CVE-2026-28727 HIGH
Acronis Cyber Protect 17 - Privilege Escalation
CVSS 7.8
CVE-2026-28717 MEDIUM
Acronis Cyber Protect 17 - Privilege Escalation
CVSS 5.0
CVE-2026-26034 HIGH
UPS MUMC 01.06.0001 - Privilege Escalation
CVSS 7.8
CVE-2026-21423 MEDIUM
Dell PowerScale OneFS <9.10.1.6/9.11.0.0-9.12.0.1 - Privilege Escal...
CVSS 6.7
CVE-2026-2915 HIGH
HP System Event Utility <3.2.16 - DoS
CVSS 7.1
CVE-2026-27653 MEDIUM
Soliton Systems K.K. Installers - Privilege Escalation
CVSS 6.7
CVE-2026-23703 HIGH
FinalCode Client - Privilege Escalation
CVSS 7.8
CVE-2026-2026 MEDIUM
Nessus Agent - Privilege Escalation
CVSS 6.1
CVE-2026-25931 HIGH
vscode-spell-checker <4.5.4 - Info Disclosure
CVSS 7.8
CVE-2026-24780 HIGH
AutoGPT Platform < 0.6.44 - Authenticated Remote Code Execution via Disabled BlockInstallationBlock
CVSS 8.8
CVE-2026-24414 MEDIUM
Icinga PowerShell Framework <1.13.4-1.11.2 - Info Disclosure
CVSS 5.5
CVE-2026-24413 MEDIUM
Icinga 2 <2.13.14, <2.14.8, <2.15.2 - Info Disclosure
CVSS 5.5
CVE-2026-0705 MEDIUM
Acronis Cloud Manager <6.4.25342.354 - Privilege Escalation
CVSS 6.7
CVE-2025-32749 MEDIUM
Dell PowerFlex Manager (Appliance) - Incorrect Default Permissions
CVSS 5.3
CVE-2025-48516 MEDIUM
Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics - Incorrect Default Permissions
CVE-2025-48512 HIGH
Amd Ryzen™ 4000 Series Mobile Processors With Radeon™ Graphics (formerly Codenamed "Renoir") - Incorrect Default Permissions
CVE-2025-58713 MEDIUM
Rhpam: privilege escalation via excessive /etc/passwd permissions
CVSS 6.4
Details
Vulnerabilities 1,509
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits