Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,230 vulnerabilities with CWE-862

CVE-2026-1722 MEDIUM

WCFM Marketplace - Insecure Direct Object Reference

CVE-2026-24327 MEDIUM

SAP Strategic Enterprise Management - Info Disclosure

CVE-2026-24326 MEDIUM

SAP S/4HANA Defense & Security - Missing Authorization Check in Disconnected Operations

CVE-2026-24322 HIGH

SAP Solution Tools Plug-In - Authenticated Information Disclosure via Missing Authorization

CVE-2026-24312 MEDIUM

SAP Business Workflow - Privilege Escalation

CVE-2026-23688 MEDIUM

SAP Fiori App Manage Service Entry Sheets - Privilege Escalation

CVE-2026-23681 MEDIUM

SAP Support Tools Plug-In - Info Disclosure

CVE-2026-0509 CRITICAL

SAP NetWeaver Application Server ABAP/ABAP Platform - Privilege Esc...

CVE-2026-0490 HIGH

SAP BusinessObjects BI Platform - Auth Bypass

CVE-2026-0488 CRITICAL

SAP CRM/S/4HANA - Privilege Escalation

CVE-2026-0486 MEDIUM

SAP Solution Tools Plug-In - Missing Authorization

CVE-2026-0484 MEDIUM

SAP NetWeaver/S/4HANA - Privilege Escalation

CVE-2026-0845 HIGH

WCFM - Frontend Manager <6.7.24 - Privilege Escalation

CVE-2026-25939 CRITICAL

FUXA 1.2.8-1.2.10 - Unauthenticated Authorization Bypass via Scheduler Modification

CVE-2026-25808 HIGH

Hollo <0.6.20-0.7.2 - Info Disclosure

CVE-2026-25876 CRITICAL

PlaciPy 1.0.0 - Missing Object-Level Authorization in Results Endpoint

CVE-2026-25810 CRITICAL

PlaciPy 1.0.0 - Missing Object-Level Authorization in Student Submission Routes

CVE-2026-25806 MEDIUM

PlaciPy 1.0.0 - Missing Authorization in Student API Endpoints

CVE-2026-24777 MEDIUM

OpenProject < 17.0.2 - Missing Authorization for User Lock/Unlock

CVE-2026-24095 MEDIUM

Checkmk <2.4.0p21-2.3.0p43-2.2.0 - Auth Bypass

CVE-2026-2208 MEDIUM

Wekan < 8.21 - Missing Authorization in Rules Handler

CVE-2026-2065 MEDIUM

Flycatcher Toys smART Pixelator 2.0 - Auth Bypass

CVE-2026-25752 CRITICAL

FUXA < 1.2.10 - Unauthenticated Authorization Bypass via WebSocket Device Tag Modification

CVE-2026-23632 MEDIUM

Gogs < 0.13.4 - Incorrect Authorization via PUT /repos/:owner/:repo/contents/* Endpoint

CVE-2026-22592 MEDIUM

Gogs < 0.13.4 - Authenticated Denial of Service via Repository File Deletion

Previous Page 50 of 330 Next

Details

Vulnerabilities 8,230

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy