Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,269 vulnerabilities with CWE-284

CVE-2026-20603 MEDIUM

macOS Tahoe <26.3 - Info Disclosure

CVE-2026-20601 LOW

macOS Tahoe <26.3 - Info Disclosure

CVE-2026-2250 HIGH

METIS WIC - Unauthenticated Sensitive Information Exposure via /dbviewer/ Endpoint

CVE-2026-21255 HIGH

Windows Hyper-V - Privilege Escalation

CVE-2026-21238 HIGH

Windows Ancillary Function Driver - Privilege Escalation

CVE-2026-0653 MEDIUM

TP-Link Tapo C260 v1 < 1.1.9 and D235 v1 < 1.2.2 - Authenticated Improper Access Control via Synchronization Endpoint

CVE-2026-25231 HIGH

filerise < 3.3.0 - Unauthenticated File Read via /uploads Directory

CVE-2026-2226 MEDIUM

DouPHP < 1.9 - Unrestricted File Upload via ZIP File Handler

CVE-2026-2213 MEDIUM

Online Music Site 1.0 - Unrestricted File Upload via AdminAddAlbum.php txtimage Argument

CVE-2026-2183 MEDIUM

Great Developers Certificate Generation System <97171bb0e5e22e52eac...

CVE-2026-2164 HIGH

detronetdip E-commerce 1.0.0 - Unrestricted Upload

CVE-2026-2148 MEDIUM

Tenda AC21 16.03.08.16 - Information Disclosure via Web Management Interface

CVE-2026-2147 MEDIUM

Tenda AC21 16.03.08.16 - Information Disclosure via Web Management Interface

CVE-2026-2146 MEDIUM

guchengwuyue yshopmall <1.9.1 - Unrestricted Upload

CVE-2026-2133 HIGH

Online Music Site 1.0 - Unrestricted File Upload via AdminUpdateCategory.php txtimage Argument

CVE-2026-2207 MEDIUM

Wekan < 8.21 - Information Disclosure in Activity Publication Handler

CVE-2026-2206 MEDIUM

Wekan < 8.21 - Improper Access Control in Administrative Repair Handler

CVE-2026-2205 MEDIUM

Wekan < 8.21 - Information Disclosure in Meteor Publication Handler

CVE-2026-2075 MEDIUM

yeqifu warehouse - Incorrect Privilege Assignment in Role-Permission Binding Handler

CVE-2026-25758 HIGH

Spree < 4.10.3 - Unauthenticated Insecure Direct Object Reference in Guest Checkout Address Binding

CVE-2026-2056 MEDIUM

D-Link DIR-605L/DIR-619L 2.06B01/2.13B01 - Info Disclosure

CVE-2026-2055 MEDIUM

D-Link DIR-605L/DIR-619L 2.06B01/2.13B01 - Info Disclosure

CVE-2026-2054 MEDIUM

D-Link DIR-605L/DIR-619L 2.06B01/2.13B01 - Info Disclosure

CVE-2026-2009 MEDIUM

SourceCodester Gas Agency Management System 1.0 - Info Disclosure

CVE-2026-24302 HIGH

Azure Arc - Unauthenticated Privilege Escalation via Improper Access Control

Previous Page 33 of 211 Next

Details

Vulnerabilities 5,269

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy