CWE-285

High likelihood

Improper Authorization

Parent: CWE-284 - Improper Access Control

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

1,214 vulnerabilities with CWE-285
CVE-2026-4171 MEDIUM
CodeGenieApp serverless-express API Endpoint TodoList.ts authorization
CVSS 6.3
CVE-2026-32704 MEDIUM
SiYuan renderSprig: missing admin check allows any user to read full workspace DB
CVSS 6.5
CVE-2026-4013 MEDIUM
SourceCodester Pharmacy System 1.0 - Auth Bypass
CVSS 6.3
CVE-2026-28806 CRITICAL
nerves-hub nerves_hub_web - Privilege Escalation
CVE-2026-30959 MEDIUM
OneUptime - Auth Bypass
CVSS 5.0
CVE-2026-30956 CRITICAL
OneUptime <10.0.21 - Auth Bypass
CVSS 9.9
CVE-2026-30870 MEDIUM
PowerSync Service 1.20.0 - Auth Bypass
CVSS 6.5
CVE-2026-28431 HIGH
Misskey 8.45.0-2026.3.0 - Info Disclosure
CVSS 7.5
CVE-2026-3817 MEDIUM
Patients Waiting Area Queue 1.0 - Auth Bypass
CVSS 5.3
CVE-2026-3764 HIGH
SourceCodester Client DBMS 1.0 - Auth Bypass
CVSS 7.3
CVE-2026-3762 HIGH
SourceCodester CDMS 1.0/3.1 - Auth Bypass
CVSS 7.3
CVE-2026-3761 MEDIUM
SourceCodester Client DBMS 1.0 - Auth Bypass
CVSS 5.4
CVE-2026-3738 MEDIUM
SourceCodester Pet Grooming 1.0 - Auth Bypass
CVSS 6.3
CVE-2026-3737 MEDIUM
SourceCodester Pet Grooming 1.0 - Auth Bypass
CVSS 6.3
CVE-2026-3734 HIGH
SourceCodester Client DBMS 1.0 - Auth Bypass
CVSS 7.3
CVE-2026-3724 MEDIUM
Patients Waiting Area Queue 1.0 - Auth Bypass
CVSS 6.3
CVE-2026-3675 MEDIUM
Freedom Factory dGEN1 <20260221 - Auth Bypass
CVSS 5.3
CVE-2026-3674 MEDIUM
Freedom Factory dGEN1 <20260221 - Auth Bypass
CVSS 5.3
CVE-2026-3671 LOW
Freedom Factory dGEN1 <20260221 - Auth Bypass
CVSS 3.3
CVE-2026-3670 MEDIUM
Freedom Factory dGEN1 <=20260221 - Privilege Escalation
CVSS 5.3
CVE-2026-3669 MEDIUM
Freedom Factory dGEN1 <20260221 - Privilege Escalation
CVSS 5.3
CVE-2026-3667 MEDIUM
Freedom Factory dGEN1 <20260221 - Privilege Escalation
CVSS 5.3
CVE-2026-30847 MEDIUM
Wekan 8.31.0-8.33 - Info Disclosure
CVSS 6.5
CVE-2026-28685 MEDIUM
Kimai <2.51.0 - Privilege Escalation
CVSS 6.5
CVE-2026-28448 HIGH
OpenClaw 2026.1.29-2026.2.1 - Auth Bypass
CVSS 7.3
Details
Vulnerabilities 1,214
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits