Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,270 vulnerabilities with CWE-284

CVE-2026-24302 HIGH

Azure Arc - Unauthenticated Privilege Escalation via Improper Access Control

CVE-2026-24300 CRITICAL

Azure Front Door - Privilege Escalation

CVE-2026-1964 MEDIUM

Wekan < 8.21 - Improper Access Control in REST Endpoint

CVE-2026-1963 MEDIUM

WeKan < 8.21 - Improper Access Control in Attachment Storage

CVE-2026-1962 MEDIUM

Wekan < 8.21 - Improper Access Controls in Attachment Migration

CVE-2026-1707 HIGH

pgAdmin 9.11 - Privilege Escalation

CVE-2026-1898 MEDIUM

Wekan < 8.21 - Improper Access Control in LDAP User Sync

CVE-2026-1896 MEDIUM

WeKan <8.20 - Improper Access Controls

CVE-2026-1895 MEDIUM

WeKan <8.20 - Improper Access Controls

CVE-2026-25519 HIGH

OpenSlides 4.2.5-4.2.29 - Unauthenticated Incorrect Access Control via Local Login Bypass

CVE-2026-1813 MEDIUM

bolo-blog bolo-solo <2.6.4 - Unrestricted Upload

CVE-2026-24670 MEDIUM

Open eClass <4.2 - Privilege Escalation

CVE-2026-24668 MEDIUM

Open eClass <4.2 - Privilege Escalation

CVE-2026-1117 HIGH

parisneo/lollms < 2.0.0 - Unauthenticated Improper Access Control in Socket.IO Event Handlers

CVE-2026-1742 MEDIUM

EFM ipTIME A8004T <14.18.2 - Unrestricted Upload

CVE-2026-24904 MEDIUM

TrustTunnel < 0.9.115 - Rule Bypass via TLS ClientHello Fragmentation

CVE-2026-0844 HIGH

WordPress Simple User Registration <6.7 - Privilege Escalation

CVE-2026-24740 CRITICAL

Dozzle < 9.0.3 - Improper Access Control via Container ID Targeting

CVE-2026-24473 MEDIUM

Hono < 4.11.7 - Information Disclosure via Serve Static Middleware Path Validation

CVE-2026-1445 MEDIUM

iJason-Liu Books_Manager <298ba736387ca37810466349af13a0fdf828e99c ...

CVE-2026-1424 MEDIUM

PHPGurukul News Portal 1.0 - Unrestricted File Upload in Profile Pic Handler

CVE-2026-1423 MEDIUM

Online Examination System 1.0 - Unauthenticated Arbitrary File Upload via /admin_pic.php

CVE-2026-1411 MEDIUM

Beetel 777VR1 Firmware < 01.00.09_55 - Incorrect Privilege Assignment via UART Interface

CVE-2026-1407 LOW

Beetel 777VR1 < 01.00.09_55 - Information Disclosure via UART Interface

CVE-2026-24420 MEDIUM

phpmyfaq < 4.0.17 - Authenticated Improper Access Control via Attachment Download

Previous Page 34 of 211 Next

Details

Vulnerabilities 5,270

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy