Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,222 vulnerabilities with CWE-862

CVE-2026-0026 HIGH

PermissionManagerServiceImpl - Privilege Escalation

CVE-2026-0024 MEDIUM

Android - Unauthenticated Local Information Disclosure via MediaProvider Content Resolver

CVE-2026-3432 CRITICAL

SimStudio < 0.5.74 - Unauthenticated OAuth Token Theft via credentialAccountUserId and providerId Parameters

CVE-2026-3431 CRITICAL

SimStudio <0.5.74 - Unauthenticated MongoDB Access

CVE-2026-28557 MEDIUM

wpForo Forum 2.4.14 - Privilege Escalation

CVE-2026-28556 MEDIUM

wpForo Forum 2.4.14 - Privilege Escalation

CVE-2026-28555 MEDIUM

wpForo Forum 2.4.14 - Privilege Escalation

CVE-2026-28554 MEDIUM

wpForo Forum 2.4.14 - Privilege Escalation

CVE-2026-28515 HIGH

openDCIM 23.04 - Privilege Escalation

CVE-2026-28424 MEDIUM

Statmatic <5.73.11/6.4.0 - Info Disclosure

CVE-2026-28408 CRITICAL

WeGIA < 3.6.5 - Unauthenticated Improper Authentication via adicionar_tipo_docs_atendido.php

CVE-2026-27836 HIGH

phpmyfaq < 4.0.18 - Unauthenticated Account Creation via WebAuthn Prepare Endpoint

CVE-2026-27792 MEDIUM

Seerr 2.7.0-3.0.9 - Privilege Escalation

CVE-2026-28276 HIGH

Initiative <0.32.2 - Info Disclosure

CVE-2026-28217 MEDIUM

hoppscotch < 2026.2.0 - Authenticated Insecure Direct Object Reference via userCollection GraphQL Query

CVE-2026-27638 HIGH

Actual sync-server < 26.2.1 - Authenticated Missing Authorization in Sync API Endpoints

CVE-2026-27457 MEDIUM

Weblate < 5.16.1 - Unauthorized Addon Information Exposure via REST API

CVE-2026-27151 LOW

Discourse <2025.12.2/2026.1.1/2026.2.0 - Privilege Escalation

CVE-2026-27150 LOW

Discourse <2025.12.2/2026.1.1/2026.2.0 - Info Disclosure

CVE-2026-27021 MEDIUM

Discourse <2025.12.2/2026.1.1/2026.2.0 - Info Disclosure

CVE-2026-26979 LOW

Discourse <2025.12.2 - Privilege Escalation

CVE-2026-26207 MEDIUM

Discourse <2025.12.2/2026.1.1/2026.2.0 - Auth Bypass

CVE-2026-24004 MEDIUM

Fleet <4.80.1 - Unauthenticated Device Unenrollment

CVE-2026-27954 MEDIUM

Live Helper Chat <4.52 - Privilege Escalation

CVE-2026-27946 MEDIUM

ZITADEL <4.11.1/3.4.7 - Auth Bypass

Previous Page 43 of 329 Next

Details

Vulnerabilities 8,222

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy