CWE-280

Improper Handling of Insufficient Permissions or Privileges

Parent: CWE-755 - Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.

132 vulnerabilities with CWE-280
CVE-2026-21733 HIGH
GPU DDK - Incorrect flags validation in RGXDerivePTEProt8 can allow GPU to overwrite read-only shared memory (e.g. libc.so)
CVSS 7.3
CVE-2026-27910 HIGH
Windows Installer Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2026-24096 HIGH
Insufficient permission validation on multiple REST API Quick Setup endpoints
CVSS 8.8
CVE-2026-2123 HIGH
Privilege escalation vulnerability in Operations Agent
CVSS 7.8
CVE-2026-3190 MEDIUM
Keycloak: keycloak: information disclosure via improper role enforcement in uma 2.0 protection api
CVSS 4.3
CVE-2026-21736 MEDIUM
Non-privileged Software - Privilege Escalation
CVSS 4.4
CVE-2026-0047 HIGH
ActivityManagerService - Privilege Escalation
CVSS 8.4
CVE-2026-1772 MEDIUM
RTU500 - Info Disclosure
CVSS 5.3
CVE-2026-23857 HIGH
Dell Update Package (DUP) Framework <24.12.00 - Privilege Escalation
CVSS 8.2
CVE-2026-20817 HIGH
Windows Error Reporting - Privilege Escalation
CVSS 7.8
CVE-2025-67848 HIGH
Moodle < 4.1.22 - Authentication Bypass
CVSS 8.1
CVE-2025-46066 CRITICAL
Automai Director <25.2.0 - Privilege Escalation
CVSS 9.9
CVE-2025-64997 MEDIUM
Checkmk - Information Disclosure
CVSS 6.5
CVE-2025-43527 HIGH
macOS Tahoe <26.2 - Privilege Escalation
CVSS 7.8
CVE-2025-58770 HIGH
APTIov - Privilege Escalation
CVSS 8.8
CVE-2025-58122 MEDIUM
Checkmk - Information Disclosure
CVSS 5.4
CVE-2025-58121 MEDIUM
Checkmk <2.4.0p16 - Info Disclosure
CVSS 5.4
CVE-2025-58410 HIGH
Software - Memory Corruption
CVSS 7.5
CVE-2025-62510 HIGH
Filerise < 1.5.0 - Improper Access Control
CVSS 8.1
CVE-2025-62509 HIGH
Filerise < 1.4.0 - Improper Access Control
CVSS 8.1
CVE-2025-62176 MEDIUM
Mastodon <4.4.6-4.2.27 - Info Disclosure
CVSS 4.3
CVE-2025-45376 HIGH
Dell Repository Manager <3.4.8 - Privilege Escalation
CVSS 7.5
CVE-2025-58457 MEDIUM
Apache ZooKeeper <3.9.4 - Privilege Escalation
CVSS 4.3
CVE-2025-59040 MEDIUM
Tuleap - Info Disclosure
CVSS 4.3
CVE-2025-50170 HIGH
Windows Cloud Files Mini Filter Driver - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 132
Links
MITRE CWE Entry Search this CWE With Exploits