Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,269 vulnerabilities with CWE-284

CVE-2026-28276 HIGH

Initiative <0.32.2 - Info Disclosure

CVE-2026-28230 MEDIUM

SteVe <=3.11.0 - Privilege Escalation

CVE-2026-28215 CRITICAL

hoppscotch < 2026.2.0 - Unauthenticated Infrastructure Configuration Overwrite via Onboarding Endpoint

CVE-2026-28218 MEDIUM

Discourse <2025.12.2/2026.1.1/2026.2.0 - SQL Injection

CVE-2026-27449 HIGH

Umbraco Engage <16.2.1/17.1.1 - Auth Bypass

CVE-2026-27152 LOW

Discourse < 2025.12.2, 2026.1.1, 2026.2.0 - Improper Access Control via Chat::AddUsersToChannel

CVE-2026-2356 MEDIUM

User Registration & Membership Plugin <5.1.2 - IDOR

CVE-2026-27975 CRITICAL

ajenti < 2.2.13 - Unauthenticated Remote Code Execution

CVE-2026-22728 MEDIUM

Bitnami Sealed Secrets - Privilege Escalation

CVE-2026-3209 MEDIUM

fosrl Pangolin <1.15.4-s.3 - Auth Bypass

CVE-2026-3187 MEDIUM

feiyuchuixue sz-boot-parent <=1.3.2-beta - Unrestricted Upload

CVE-2026-27624 HIGH

coturn < 4.9.0 - Improper Access Control via IPv4-Mapped IPv6 Bypass

CVE-2026-24896 MEDIUM

OpenEMR <8.0.0 - Broken Access Control

CVE-2026-2768 CRITICAL

Firefox < 148 and Firefox ESR < 140.8 - Sandbox Escape via IndexedDB Storage

CVE-2026-25966 MEDIUM

ImageMagick <7.1.2-15/6.9.13-40 - Auth Bypass

CVE-2026-3025 HIGH

ShuoRen Smart Heating 1.0.0 - Unrestricted Upload

CVE-2026-2983 HIGH

Student Result Management System 1.0 - Auth Bypass

CVE-2026-2979 MEDIUM

FastApiAdmin <2.2.0 - Unrestricted Upload

CVE-2026-2978 MEDIUM

FastApiAdmin <=2.2.0 - Unrestricted Upload

CVE-2026-2977 MEDIUM

FastApiAdmin <2.2.0 - Unrestricted Upload

CVE-2026-2976 MEDIUM

FastApiAdmin <2.2.0 - Info Disclosure

CVE-2026-2975 MEDIUM

FastApiAdmin <2.2.0 - Info Disclosure

CVE-2026-2938 HIGH

Student Result Management System 1.0 - Auth Bypass

CVE-2026-2894 MEDIUM

funadmin <7.1.0-rc4 - Info Disclosure

CVE-2026-27471 CRITICAL

ERP <=15.98.0/16.0.0-rc.1-16.6.0 - Auth Bypass

Previous Page 31 of 211 Next

Details

Vulnerabilities 5,269

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy