The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
1,214 vulnerabilities with CWE-285
CVE-2026-30793
CRITICAL
RustDesk Client <=1.4.5 - CSRF to Privilege Escalation
CVSS 9.8
CVE-2026-27803
HIGH
Vaultwarden <1.35.4 - Privilege Escalation
CVSS 8.3
CVE-2026-0017
HIGH
BiometricService.java - Privilege Escalation
CVSS 7.7
CVE-2026-3265
MEDIUM
go2ismail Free-CRM - Auth Bypass
CVSS 6.3
CVE-2026-3263
MEDIUM
Asp.Net-Core-Inventory-Order-Management-System <9.20250118 - Auth B...
CVSS 6.3
CVE-2026-2694
MEDIUM
The Events Calendar <6.15.16 - Privilege Escalation
CVSS 5.4
CVE-2026-24890
HIGH
OpenEMR <8.0.0 - Auth Bypass
CVSS 8.1
CVE-2026-3185
MEDIUM
sz-boot-parent <=1.3.2-beta - Auth Bypass
CVSS 5.3
CVE-2026-2974
LOW
AliasVault App <0.25.3 - Info Disclosure
CVSS 2.5
CVE-2026-2896
HIGH
funadmin <7.1.0-rc4 - Privilege Escalation
CVSS 7.3
CVE-2026-2860
MEDIUM
feng_ha_ha/megagao ssm-erp - Auth Bypass
CVSS 6.3
CVE-2026-2733
LOW
Keycloak Docker v2 - Auth Bypass
CVSS 3.8
CVE-2026-2693
MEDIUM
CoCoTeaNet CyreneAdmin <1.3.0 - Auth Bypass
CVSS 4.3
CVE-2026-2676
MEDIUM
GoogTech sms-ssm - Auth Bypass
CVSS 6.3
CVE-2026-26020
HIGH
AutoGPT <0.6.48 - RCE
CVSS 8.8
CVE-2026-20666
MEDIUM
macOS Tahoe <26.3 - Info Disclosure
CVSS 5.5
CVE-2026-20661
MEDIUM
iOS <26.3-18.7.5 - Info Disclosure
CVSS 4.6
CVE-2026-20656
LOW
iOS <18.7.5 - Info Disclosure
CVSS 3.3
CVE-2026-25999
HIGH
Klaw <2.10.2 - Privilege Escalation
CVSS 7.1
CVE-2026-25893
CRITICAL
Frangoteam Fuxa < 1.2.10 - Improper Authorization
CVSS 9.8
CVE-2026-25885
HIGH
PolarLearn <0-PRERELEASE-16 - SSRF
CVSS 7.5
CVE-2026-25809
CRITICAL
Prasklatechnology Placipy - Improper Authorization
CVSS 9.8
CVE-2026-2141
MEDIUM
WuKongOpenSource WukongCRM <11.3.3 - Auth Bypass
CVSS 6.3
CVE-2026-2209
MEDIUM
Wekan < 8.19 - Improper Authorization
CVSS 6.3
CVE-2026-2109
MEDIUM
jsbroks COCO Annotator <0.11.1 - Auth Bypass
CVSS 5.4
Details
Vulnerabilities
1,214
Exploit Likelihood
High