The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
3,041 vulnerabilities with CWE-863
CVE-2026-1497
HIGH
Neo4j Enterprise <2026.02/5.26.22 - Privilege Escalation
CVSS 7.2
CVE-2026-32059
HIGH
OpenClaw <2026.2.23 - Command Injection
CVSS 8.8
CVE-2026-21359
MEDIUM
Adobe Commerce <=2.4.9-alpha3 - Auth Bypass
CVSS 4.7
CVE-2026-21309
HIGH
Adobe Commerce <=2.4.9-alpha3 - Auth Bypass
CVSS 7.5
CVE-2026-21297
MEDIUM
Adobe Commerce <=2.4.9-alpha3 - Auth Bypass
CVSS 4.3
CVE-2026-21296
MEDIUM
Adobe Commerce <=2.4.9-alpha3 - Auth Bypass
CVSS 4.3
CVE-2026-21289
HIGH
Adobe Commerce <=2.4.9-alpha3 - Auth Bypass
CVSS 7.5
CVE-2026-21286
MEDIUM
Adobe Commerce <=2.4.9-alpha3 - Auth Bypass
CVSS 5.3
CVE-2026-21285
MEDIUM
Adobe Commerce <=2.4.9-alpha3 - Auth Bypass
CVSS 4.3
CVE-2026-31838
MEDIUM
Istio <1.29.1/1.28.5/1.27.8 - Auth Bypass
CVSS 5.3
CVE-2026-31801
HIGH
zot 1.3.0-2.1.14 - Incorrect Authorization via Manifest Overwrite
CVSS 7.7
CVE-2026-30965
CRITICAL
Parse Server <9.5.2-alpha.8/8.6.21 - Info Disclosure
CVSS 9.1
CVE-2026-30947
HIGH
Parse Server <9.5.2-alpha.3/8.6.16 - Info Disclosure
CVSS 7.5
CVE-2026-26308
HIGH
Envoy <1.37.1/1.36.5/1.35.8/1.34.13 - Auth Bypass
CVSS 7.5
CVE-2026-30945
HIGH
StudioCMS <0.4.0 - Privilege Escalation
CVSS 7.1
CVE-2026-30944
HIGH
StudioCMS <0.4.0 - Privilege Escalation
CVSS 8.8
CVE-2026-26141
HIGH
Azure Automation Hybrid Worker Windows Extension < 1.3.74 - Privilege Escalation via Improper Authentication
CVSS 7.8
CVE-2026-29773
MEDIUM
Kubewarden 1.6.0-1.32.9 - Incorrect Authorization via Deprecated Host-Callback APIs
CVSS 4.3
CVE-2026-28513
HIGH
Pocket ID < 2.4.0 - Incorrect Authorization via OIDC Token Endpoint
CVSS 8.5
CVE-2026-30863
CRITICAL
Parse Server <8.6.10/9.5.0-alpha.11 - Auth Bypass
CVSS 9.8
CVE-2026-30854
MEDIUM
Parse Server 9.3.1-alpha.3-9.5.0-alpha.10 - Info Disclosure
CVSS 5.3
CVE-2026-29196
MEDIUM
Netmaker < 1.5.0 - Incorrect Authorization via API Endpoints
CVSS 4.3
CVE-2026-29195
MEDIUM
Netmaker <1.5.0 - Privilege Escalation
CVSS 6.5
CVE-2026-29194
HIGH
Netmaker < 1.5.0 - Incorrect Authorization via Host JWT Token Bypass
CVSS 8.1
CVE-2026-30820
HIGH
Flowise <3.0.13 - Privilege Escalation
CVSS 8.8
Details
Vulnerabilities
3,041
Exploit Likelihood
High