Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,063 vulnerabilities with CWE-863

CVE-2025-65900 MEDIUM

Kalmia CMS <0.2.0 - Info Disclosure

CVE-2025-14016 MEDIUM

macrozheng mall-swarm < 1.0.3 - Improper Authorization via /member/readHistory/delete ids Parameter

CVE-2025-66406 MEDIUM

Step CA <0.29.0 - Improper Authorization

CVE-2025-20381 MEDIUM

Splunk MCP Server app <0.2.4 - Auth Bypass

CVE-2025-12756 MEDIUM

Mattermost <11.0.2-10.12.1-10.11.4-10.5.12 - Privilege Escalation

CVE-2025-13653 MEDIUM

Search Guard FLX <4.0.0 - Info Disclosure

CVE-2025-13829 HIGH

Data Illusion Zumbrunn NGSurvey - Info Disclosure

CVE-2025-13813 MEDIUM

mogublog < 5.2 - Missing Authorization in Storage Management Endpoint

CVE-2025-13806 HIGH

nutzam NutzBoot < 2.6.0 - Improper Authorization in Transaction API

CVE-2025-66433 MEDIUM

HTCondor Access Point <25.3.1 - Privilege Escalation

CVE-2025-66424 MEDIUM

Tryton trytond <7.6.11 - Info Disclosure

CVE-2025-66423 HIGH

Tryton trytond <6.0-7.6.11 - Info Disclosure

CVE-2025-66360 HIGH

Logpoint <7.7.0 - Privilege Escalation

CVE-2025-12971 MEDIUM

Folders - Unlimited Folders to Organize Media Library Folder, Pages...

CVE-2025-55469 CRITICAL

youlai-boot <2.21.1 - Privilege Escalation

CVE-2025-9803 HIGH

lunary 1.9.34 - Account Takeover via Improper Google OAuth Audience Validation

CVE-2025-13432 MEDIUM

Terraform 1.0.0-1.0.3 - Incorrect Authorization in State Version Creation

CVE-2025-62189 MEDIUM

LogStare Collector < 2.4.2 - Incorrect Authorization in UserRegistration

CVE-2025-62730 HIGH

soplanning < 1.55.00 - Authenticated Privilege Escalation via User Management Tab

CVE-2025-13468 MEDIUM

SourceCodester Alumni Management System 1.0 - Missing Authorization in Delete Handler

CVE-2025-59111 MEDIUM

Windu CMS 4.1 - Broken Access Control in User Editing Functionality

CVE-2025-41346 CRITICAL

WinPlus 24.11.27 - Incorrect Authorization via Numerical ID Impersonation

CVE-2025-65073 HIGH

OpenStack Keystone < 26.0.1, 27.0.0, 28.0.0 - Incorrect Authorization via AWS Signature

CVE-2025-7736 LOW

GitLab CE/EE <18.3.6-18.5.2 - Auth Bypass

CVE-2025-11865 MEDIUM

GitLab 18.1-18.3.6, 18.4-18.4.4, 18.5-18.5.2 - Incorrect Authorization

Previous Page 28 of 123 Next

Details

Vulnerabilities 3,063

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy