Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,075 vulnerabilities with CWE-284

CVE-2026-11464 LOW

JeecgBoot User List Endpoint SysUserController.java queryPageList information disclosure

CVE-2026-11459 LOW

SecureAge CatchPulse IOCTL saappctl.sys information disclosure

CVE-2026-11458 MEDIUM

erzhongxmu JeeWMS Boot Actuator Endpoint actuator information disclosure

CVE-2026-45776 MEDIUM

Open XDMoD has Broken Access Control via Client-Controlled Session Variable

CVE-2026-45746 CRITICAL

Termix Vulnerable to Arbitrary Command Execution via Session Hijacking

CVE-2026-11344 HIGH

code-projects Vehicle Management System New Driver Registration Form newdriver.php unrestricted upload

CVE-2026-11333 MEDIUM

tittuvarghese CollegeManagementSystem Student Data Upload Endpoint upload_student_data.php unrestricted upload

CVE-2026-48907 CRITICAL

Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

CVE-2026-11326 MEDIUM

OpenAI Atlas < 1.2025.288.15 - Improper Access Control

CVE-2026-11302 MEDIUM

Google Chrome for iOS < 149.0.7827.53 - Unauthenticated Discretionary Access Control Bypass via Crafted HTML Page

CVE-2026-11277 MEDIUM

Google Chrome for iOS < 149.0.7827.53 - Discretionary Access Control Bypass via Crafted HTML Page

CVE-2026-11275 MEDIUM

Google Chrome < 149.0.7827.53 - Navigation Restriction Bypass via Crafted HTML Page

CVE-2026-11274 MEDIUM

Google Chrome < 149.0.7827.53 - Navigation Restriction Bypass via DOM Distiller

CVE-2026-11258 MEDIUM

Google Chrome < 149.0.7827.53 - Discretionary Access Control Bypass via File System Access

CVE-2026-11257 MEDIUM

Google Chrome < 149.0.7827.53 - Navigation Restriction Bypass via Crafted HTML Page

CVE-2026-11252 MEDIUM

Google Chrome < 149.0.7827.53 - Insufficient Policy Enforcement in Content Settings

CVE-2026-11212 MEDIUM

Google Chrome < 149.0.7827.53 - Cross-Origin Data Leak via DevTools Policy Bypass

CVE-2026-11210 MEDIUM

Google Chrome < 149.0.7827.53 - Discretionary Access Control Bypass via Crafted RAR File

CVE-2026-11204 MEDIUM

Google Chrome on iOS < 149.0.7827.53 - Navigation Restriction Bypass via Crafted HTML Page

CVE-2026-11197 MEDIUM

Google Chrome < 149.0.7827.53 - Same Origin Policy Bypass via Workers

CVE-2026-11193 MEDIUM

Google Chrome < 149.0.7827.53 - Insufficient Policy Enforcement in Password Manager

CVE-2026-11190 MEDIUM

Google Chrome < 149.0.7827.53 - Discretionary Access Control Bypass via Malicious Extension

CVE-2026-11187 MEDIUM

Google Chrome < 149.0.7827.53 - Navigation Restriction Bypass via Crafted HTML Page

CVE-2026-11179 HIGH

Google Chrome < 149.0.7827.53 - Site Isolation Bypass via ORB

CVE-2026-11135 MEDIUM

Google Chrome < 149.0.7827.53 - Insufficient Policy Enforcement in Autofill

Previous Page 3 of 203 Next

Details

Vulnerabilities 5,075

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy