Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-284

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

5,075 vulnerabilities with CWE-284

CVE-2026-41102 HIGH

Microsoft PowerPoint for Android Spoofing Vulnerability

CVE-2026-41101 HIGH

Microsoft Word for Android Spoofing Vulnerability

CVE-2026-41100 MEDIUM

Microsoft 365 Copilot for Android Spoofing Vulnerability

CVE-2026-41086 HIGH

Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability

CVE-2026-40420 HIGH

Microsoft Office Click-To-Run Elevation of Privilege Vulnerability

CVE-2026-40381 HIGH

Azure Connected Machine Agent Elevation of Privilege Vulnerability

CVE-2026-33834 HIGH

Microsoft Windows 10 Version 1607 - Windows Event Logging Service Elevation of Privilege Vulnerability

CVE-2026-32209 MEDIUM

Microsoft Windows 10 Version 1607 - Windows Filtering Platform (WFP) Security Feature Bypass Vulnerability

CVE-2026-40300 MEDIUM

Zulip: Message edit history visible in "moves only" policy through /api/v1/messages/{id}/history

CVE-2026-20887 HIGH

Intel Vision software - Improper Access Control

CVE-2026-40020 LOW

OX Dovecot Pro < 2.3.0 - Improper Access Control via IMAP SETACL Command

CVE-2026-43652 HIGH

macOS < 26.5 - Unprotected User Data Exposure via Permissions Issue

CVE-2026-28993 MEDIUM

iOS and iPadOS < 18.7.9 - Unauthenticated User-Sensitive Data Exposure via Missing Consent Prompt

CVE-2026-28988 MEDIUM

iOS and iPadOS < 26.5 - Improper Access Control

CVE-2026-28978 HIGH

macOS < 14.8.7, < 15.7.7, < 26.5 - Sandbox Escape via Permissions Issue

CVE-2026-28974 HIGH

iOS and iPadOS < 26.5 - Denial of Service via Unauthorized Actions

CVE-2026-28965 HIGH

iOS and iPadOS < 26.5 - Unprotected User Data Exposure via Lock Screen

CVE-2026-28957 LOW

iOS and iPadOS < 18.7.9 and < 26.5 - Unauthorized Screen Capture via Camera Metadata Access

CVE-2026-28930 HIGH

macOS < 26.5 - Unprotected User Data Exposure via Permissions Issue

CVE-2026-28922 MEDIUM

macOS - Information Disclosure

CVE-2026-28910 LOW

macOS < 26.4 - Unauthorized File Access via Improper Permissions

CVE-2026-7813 CRITICAL

pgAdmin 4: Cross-user data access and shared-server privilege escalation in server mode

CVE-2026-8233 MEDIUM

Dotouch XproUPF access control

CVE-2026-42569 CRITICAL

phpvms: /importer authorization bypass causing full database wipe

CVE-2026-1749 MEDIUM

HikCentral Professional - Privilege Escalation

Previous Page 9 of 203 Next

Details

Vulnerabilities 5,075

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy