Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,143 vulnerabilities with CWE-862

CVE-2026-1934 MEDIUM

Motors <= 1.4.103 - Subscriber Payment Bypass

CVE-2026-7050 MEDIUM

Forms Rb <= 1.1.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via 'form_id' Parameter

CVE-2026-6709 MEDIUM

Coinbase Commerce for Contact Form 7 <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) API Key Modification via 'cccf7_api_key' Parameter

CVE-2026-6708 MEDIUM

HEL Online Classroom: AI-powered Online Classrooms <= 1.0.3 - Missing Authorization to Unauthenticated Arbitrary Classroom Deletion via 'id' Parameter

CVE-2026-6663 MEDIUM

GWD Connect <= 2.9 - Unauthenticated Limited Code Execution via update_agent

CVE-2026-5693 MEDIUM

Smart Appointment & Booking <= 1.0.8 - Missing Authorization to Unauthenticated Arbitrary Booking Cancellation

CVE-2026-4301 MEDIUM

Rate Star Review Vote <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification via 'rating_id' Parameter

CVE-2026-39432 HIGH

WordPress Timetics plugin <= 1.0.53 - Broken Access Control vulnerability

CVE-2026-40134 MEDIUM

Missing Authorization Check in SAP Incentive and Commission Management

CVE-2026-40133 MEDIUM

Missing Authorization check in SAP S/4HANA Condition Maintenance

CVE-2026-40132 MEDIUM

Missing Authorization Check in SAP Strategic Enterprise Management (BSP application Balanced Scorecard Wizard)

CVE-2026-43885 HIGH

WWBN AVideo: Exposure of Sensitive Information to an Unauthorized Actor and Missing Authorization

CVE-2026-20696 MEDIUM

macOS < 26.4 - Unprotected User Data Exposure via Authorization Issue

CVE-2026-45001 HIGH

OpenClaw < 2026.4.20 - Gateway Config Mutation Guard Bypass via Agent Tool Access

CVE-2026-44994 MEDIUM

OpenClaw < 2026.4.22 - Authentication Bypass in Gateway Control UI Bootstrap Config Endpoint

CVE-2026-43639 HIGH

Bitwarden Server < 2026.4.0 Missing Authorization via Provider Clients

CVE-2026-43638 MEDIUM

Bitwarden Server < 2026.4.1 Missing Authorization via Organization Cipher Import

CVE-2026-33359 HIGH

Meari unauthenticated alert image access in cloud object storage

CVE-2026-33357 HIGH

Meari OpenAPI device status IDOR

CVE-2026-42613 CRITICAL

Grav: Privilege Escalation via Missing Server-Side Validation of groups/access

CVE-2026-32658 HIGH

Dell Automation Platform < 2.0.0.0 - Missing Authorization Leading to Privilege Escalation

CVE-2026-8194 MEDIUM

osTicket Dispatcher class.dispatcher.php cross-site request forgery

CVE-2026-42569 CRITICAL

phpvms: /importer authorization bypass causing full database wipe

CVE-2026-42461 HIGH

Arcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets)

CVE-2026-42297 HIGH

Argo Workflows Is Missing Authorization in Sync ConfigMap Provider

Previous Page 15 of 326 Next

Details

Vulnerabilities 8,143

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy