Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-639

CWE-639

High likelihood

Authorization Bypass Through User-Controlled Key

Parent: CWE-863 - Incorrect Authorization

The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

1,777 vulnerabilities with CWE-639

CVE-2026-5396 HIGH

Fluent Forms <= 6.1.21 - Authenticated (Subscriber+) Authorization Bypass via 'form_id' Parameter

CVE-2026-3074 MEDIUM

Authorization Bypass Through User-Controlled Key in GitLab

CVE-2026-3073 MEDIUM

Authorization Bypass Through User-Controlled Key in GitLab

CVE-2026-1338 MEDIUM

Authorization Bypass Through User-Controlled Key in GitLab

CVE-2026-7648 MEDIUM

LearnPress <= 4.3.5 - Subscriber Payment Bypass

CVE-2026-44426 MEDIUM

ShellHub: Cross-tenant IDOR in `GET /api/namespaces/:tenant` via API Key bypasses membership check

CVE-2026-44424 MEDIUM

ShellHub: Cross-tenant IDOR in `GET /api/devices/:uid` discloses device data of any namespace

CVE-2026-44423 MEDIUM

ShellHub: Cross-tenant IDOR in `GET /api/sessions/:uid` discloses SSH session data

CVE-2026-42463 HIGH

SQLBot: Unauthorized Access Vulnerability

CVE-2026-6965 MEDIUM

Tutor LMS <= 3.9.9 - Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Post Deletion via 'course' GET Parameter

CVE-2026-44341 MEDIUM

GoJobs: Insecure Direct Object Reference (IDOR) in Job Retrieval Endpoint

CVE-2026-42889 CRITICAL

Relay Server WebSocket authentication bypass when token is omitted

CVE-2026-29204 CRITICAL

WHMCS 7.4.0-18.12.1, 18.13.0-18.13.2, 9.0.0-9.0.3 - Authorization Bypass via clientarea.php addonId

CVE-2026-6001 HIGH

IDOR in Abis Technology's BAPSİS

CVE-2026-43890 HIGH

Outline: IDOR in subscriptions.create allows cross-tenant subscription on private documents (sibling of GHSA-23jj-rp48-w7q7)

CVE-2026-43883 MEDIUM

WWBN AVideo: IDOR in PayPalYPT agreementCancel.json.php Allows Any Authenticated User to Cancel Arbitrary PayPal Subscription Agreements

CVE-2026-38568 HIGH

HireFlow v1.2 - Privilege Escalation

CVE-2026-33356 HIGH

Meari MQTT broker missing per-device subscribe ACL

CVE-2026-42609 HIGH

Grav: Administrative Account Disruption and Privilege De-escalation via User Overwrite Logic

CVE-2026-8196 LOW

JeecgBoot mLogin Endpoint LoginController.java authorization

CVE-2026-42456 MEDIUM

AnythingLLM: Cross-User TTS Audio Disclosure via Chat ID (IDOR)

CVE-2026-42291 MEDIUM

SysReptor: Read-write access to personal notes by sharing-link creation with no authorization in SysReptor Professional

CVE-2026-42205 HIGH

Avo: Broken Access Control: Unauthorized Execution of Arbitrary Action Classes Across Resources

CVE-2026-44400 HIGH

MailEnable Enterprise Premium < 10.55 Authorization Bypass via WebAdmin

CVE-2026-42279 MEDIUM

solidtime: Time entry update endpoint allows cross-organization modification of a known time-entry UUID

Previous Page 7 of 72 Next

Details

Vulnerabilities 1,777

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy