Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,344 vulnerabilities with CWE-862

CVE-2025-0935 MEDIUM

Media Library Folders <= 8.3.0 - Authenticated Plugin Settings Change via Missing Capability Check

CVE-2025-24692 HIGH

Michael Revellin-Clerc Bulk Menu Edit <1.3 - RCE

CVE-2025-24607 MEDIUM

IdeaPush <= 8.71 - Missing Authorization

CVE-2025-23771 MEDIUM

Murali Push Notification <2.11 - RCE

CVE-2025-23766 MEDIUM

OPSI Israel Domestic Shipments <2.6.6 - Info Disclosure

CVE-2025-23534 MEDIUM

WPLingo <= 1.1.2 - Unauthenticated Arbitrary Content Deletion via Missing Authorization

CVE-2025-22702 MEDIUM

EPC Photography <7.5.2 - Info Disclosure

CVE-2025-22698 MEDIUM

Ability, Inc Accessibility Suite <4.16 - RCE

CVE-2025-1214 MEDIUM

PiHome maxair - Missing Authorization in Role-Based Access Control via /user_accounts.php?uid

CVE-2025-26378 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated Password Reset via Crafted HTTP Requests

CVE-2025-26377 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated User Removal via Crafted HTTP Requests

CVE-2025-26376 MEDIUM

Q-Free MaxTime <= 2.11.0 - Authenticated User Data Modification via Crafted HTTP Requests

CVE-2025-26375 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated Privilege Escalation via User Creation

CVE-2025-26374 MEDIUM

Q-Free MaxTime <= 2.11.0 - Authenticated User Enumeration via Users Endpoint

CVE-2025-26373 MEDIUM

Q-Free MaxTime <= 2.11.0 - Authenticated User Enumeration via User Endpoint

CVE-2025-26372 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated User Removal from Groups via Crafted HTTP Requests

CVE-2025-26371 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated Missing Authorization in User-Groups Routes

CVE-2025-26370 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated Privilege Removal via User Groups Route

CVE-2025-26369 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated Privilege Escalation via User Group Route

CVE-2025-26368 HIGH

Q-Free MaxTime <= 2.11.0 - Authenticated User Group Removal via Crafted HTTP Requests

CVE-2025-26367 MEDIUM

Q-Free MaxTime <= 2.11.0 - Authenticated Arbitrary User Group Creation via HTTP Request

CVE-2025-0526 MEDIUM

Octopus Server 2022.4.791-2024.3.13097 - Unauthenticated Arbitrary File Write via API Endpoint

CVE-2025-25241 MEDIUM

SAP Fiori Apps Reference Library (My Overtime Requests) >=GBX01HR5 605 - Missing Authorization

CVE-2025-23190 MEDIUM

SAP NetWeaver and ABAP Platform ST-PI - Missing Authorization Check

CVE-2025-23189 MEDIUM

SAP NetWeaver and ABAP Platform (SDCCN) - Authenticated Missing Authorization in SDCCN Transaction

Previous Page 150 of 334 Next

Details

Vulnerabilities 8,344

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy