Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,570 vulnerabilities with CWE-639

CVE-2026-3568 MEDIUM

MStore API <= 4.18.3 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Meta Update

CVE-2026-2104 MEDIUM

Authorization Bypass Through User-Controlled Key in GitLab

CVE-2026-5875 MEDIUM

Google Chrome <147.0.7727.55 - UI Spoofing

CVE-2026-35478 HIGH

InvenTree has Arbitrary API Token Creation

CVE-2026-35165 MEDIUM

LORIS has incorrect access checks in document_repository

CVE-2026-34985 MEDIUM

LORIS has incorrect access checks in media module

CVE-2026-32589 HIGH

Mirror-registry: quay: insecure direct object reference in blobupload

CVE-2026-35023 MEDIUM

Wimi Teamwork On-Premises < 8.2.0 IDOR via preview.php

CVE-2026-39616 MEDIUM

WordPress Download Attachments plugin <= 1.4.0 - Insecure Direct Object References (IDOR) vulnerability

CVE-2026-39526 MEDIUM

WordPress WpStream plugin < 4.11.2 - Insecure Direct Object References (IDOR) vulnerability

CVE-2026-39510 LOW

WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Insecure Direct Object References (IDOR) vulnerability

CVE-2026-4654 MEDIUM

Awesome Support <= 6.3.7 - Authenticated (Subscriber+) Insecure Direct Object Reference to Unauthorized Ticket Reply Access via 'ticket_id' Parameter

CVE-2026-4330 MEDIUM

Blog2Social: Social Media Auto Post & Scheduler < 8.8.3 - Authorization Bypass

CVE-2026-5167 MEDIUM

Masteriyo LMS <= 2.1.7 - Unauthenticated Authorization Bypass to Arbitrary Order Completion via Stripe Webhook Endpoint

CVE-2026-39374 MEDIUM

Plane IDOR: Cross-Project Issue Date Modification via Bulk Update Endpoint

CVE-2026-39354 MEDIUM

Scoold has an Authenticated Arbitrary Question Overwrite via Client-Controlled postId in POST /questions/ask

CVE-2026-39331 HIGH

ChurchCRM has an API Authorization Bypass Allows Authenticated User to Deactivate, Modify, and Spam Arbitrary Families

CVE-2026-39384 HIGH

FreeScout Customer Merge Cross-Mailbox Authorization Bypass

CVE-2026-35584 MEDIUM

FreeScout has an Unauthenticated IDOR in Open Tracking Endpoint Allows Cross-Conversation Thread Manipulation and Enumeration

CVE-2026-35489 HIGH

Tandoor Recipes — `amount`/`unit` bypass serializer in `food/{id}/shopping/`

CVE-2026-5465 HIGH

Amelia <= 2.1.3 - Insecure Direct Object Reference to Authenticated (Employee+) Privilege Escalation via 'externalId' Parameter

CVE-2026-35183 HIGH

Brave CMS has an Insecure Direct Object Reference in Article Image Deletion

CVE-2026-35173 MEDIUM

Chyrp Lite has an IDOR via Mass Assignment in Post Model

CVE-2026-35045 HIGH

Tandoor Recipes Affected by Private Recipe Exposure and Unauthorized Modification

CVE-2026-34444 HIGH

Lupa has a Sandbox escape and RCE due to incomplete attribute_filter enforcement in getattr / setattr

Previous Page 4 of 63 Next

Details

Vulnerabilities 1,570

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy