Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,075 vulnerabilities with CWE-284

CVE-2026-46416 MEDIUM

Microsoft UFO shared WebSocket handler state causes cross-client response hijacking

CVE-2026-47269 HIGH

pam_usb: deny_remote feature incorrectly classifies IPv4-mapped IPv6 remote connections as local

CVE-2026-1933 HIGH

Samba: missing access check on reparse point operations

CVE-2026-48906 HIGH

Extension - tassos.gr - Arbitrary File Deletion in Novarain/Tassos Framework < 6.1.0 for Joomla

CVE-2026-49002 CRITICAL

Broken Access Control Vulnerabily in ZTE ZXUniPOS NDS-LTE product

CVE-2026-41704 MEDIUM

Compromised VM can make arbitrary blobstore deletes

CVE-2026-9604 MEDIUM

JeecgBoot AiragModelController access control

CVE-2026-9581 MEDIUM

JeecgBoot add access control

CVE-2026-9580 HIGH

JeecgBoot selectDepart LoginController.selectDepart access control

CVE-2026-9579 MEDIUM

JeecgBoot SysUser userEdit user.getUsername access control

CVE-2026-44730 HIGH

OpenCTI: Privilege escalation via graphQL API abusable by organization admins, due to incorrect ACL on userEdit relationAdd

CVE-2026-9562 HIGH

sambitraj STUDENT-MANAGEMENT-SYSTEM Dashboard access control

CVE-2026-48904 CRITICAL

Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints

CVE-2026-48900 MEDIUM

Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler

CVE-2026-48899 CRITICAL

Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins

CVE-2026-48898 CRITICAL

Joomla! Core - [20260513] - Privilege escalation through com_users batch task

CVE-2026-35223 CRITICAL

Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints

CVE-2026-43934 MEDIUM

e107: Broken Access Control in e107 comment edit allows cross-user comment modification

CVE-2026-9495 HIGH

@koa/router < 15.0.0 - Improper Access Control

CVE-2026-9517 HIGH

hemant6488 CodeIgniter-StudentManagementSystem Student Management addStudentView access control

CVE-2026-9445 MEDIUM

SourceCodester Simple POS and Inventory System File Extension addproduct.php unrestricted upload

CVE-2026-9421 HIGH

KLiK SocialMediaWebsite File upload.inc.php uniqid unrestricted upload

CVE-2026-9489 HIGH

NitroSense V3: Local Privilege Escalation (LPE) vulnerability

CVE-2026-9412 MEDIUM

SourceCodester Indian Invoicing System Backend Endpoint access control

CVE-2026-9374 MEDIUM

yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted upload

Previous Page 6 of 203 Next

Details

Vulnerabilities 5,075

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy