CWE-285

High likelihood

Improper Authorization

Parent: CWE-284 - Improper Access Control

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

1,214 vulnerabilities with CWE-285
CVE-2026-2107 MEDIUM
Yeqifu Warehouse < 2025-10-06 - Improper Authorization
CVSS 6.3
CVE-2026-2106 MEDIUM
Yeqifu Warehouse < 2025-10-06 - Improper Authorization
CVSS 6.3
CVE-2026-2105 MEDIUM
Yeqifu Warehouse < 2025-10-06 - Improper Authorization
CVSS 6.3
CVE-2026-2079 MEDIUM
Yeqifu Warehouse < 2025-10-06 - Improper Authorization
CVSS 6.3
CVE-2026-2078 MEDIUM
Yeqifu Warehouse < 2025-10-06 - Improper Authorization
CVSS 6.3
CVE-2026-2077 MEDIUM
yeqifu - Privilege Escalation
CVSS 6.3
CVE-2026-2076 MEDIUM
Yeqifu Warehouse < 2025-10-06 - Improper Authorization
CVSS 6.3
CVE-2026-25724 HIGH
Claude Code <2.1.7 - Info Disclosure
CVSS 7.5
CVE-2026-2015 MEDIUM
Portabilis i-Educar <2.10 - Privilege Escalation
CVSS 6.3
CVE-2026-2010 MEDIUM
Sanluan PublicCMS <4.0-6.202506.d - Privilege Escalation
CVSS 4.2
CVE-2026-23623 MEDIUM
Collabora Online <25.04.08.2, <23.05.20.1, <24.04.17.3, <25.04.7.5 ...
CVSS 5.3
CVE-2026-1894 MEDIUM
WeKan <8.20 - Auth Bypass
CVSS 6.3
CVE-2026-1892 MEDIUM
WeKan <8.20 - Auth Bypass
CVSS 5.0
CVE-2026-1733 MEDIUM
Crmeb < 5.6.3 - Improper Authorization
CVSS 4.3
CVE-2026-1702 MEDIUM
Mayurik Pet Grooming Management Software - Improper Authorization
CVSS 6.3
CVE-2026-1597 MEDIUM
Bdtask SalesERP <20260116 - Auth Bypass
CVSS 6.3
CVE-2026-1550 MEDIUM
Phpgurukul Hospital Management System - Improper Authorization
CVSS 6.3
CVE-2026-24835 HIGH
Podman Desktop <1.25.1 - Auth Bypass
CVSS 7.1
CVE-2026-24305 CRITICAL
Azure Entra ID < - Privilege Escalation
CVSS 9.3
CVE-2026-22022 HIGH
Apache Solr < 9.10.1 - Improper Authorization
CVSS 8.2
CVE-2026-21641 MEDIUM
Aquaplatform Revive Adserver < 6.0.4 - Improper Authorization
CVSS 6.5
CVE-2026-1193 MEDIUM
Mineadmin - Improper Authorization
CVSS 6.3
CVE-2026-1141 MEDIUM
Phpgurukul News Portal - Improper Authorization
CVSS 6.3
CVE-2026-1112 MEDIUM
Publiccms < 5.202506.d - Improper Authorization
CVSS 5.4
CVE-2026-1106 MEDIUM
Chamilo LMS <2.0.0 Beta 1 - Auth Bypass
CVSS 5.4
Details
Vulnerabilities 1,214
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits