Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,041 vulnerabilities with CWE-863

CVE-2026-11577 HIGH

Keycloak: keycloak: privilege escalation via partialimport fgap permission bypass

CVE-2026-21031 HIGH

Samsung Mobile Devices - Improper Authorization in AppBlock

CVE-2026-42547 MEDIUM

IRIS Alerts Can be Falsely Attributed to Customers

CVE-2026-41235 HIGH

Froxlor 2.3.6 FTP Shell Assignment - Authorization Bypass

CVE-2026-50266 LOW

Openstack Neutron - Incorrect Authorization

CVE-2026-10815 MEDIUM

LakshayD02 Hostel-Management-System-PHP Admin Dashboard index.php authorization

CVE-2026-10860 MEDIUM

MISP CRUDComponent delete validation bypass via operator precedence error

CVE-2026-41283 CRITICAL

Openstack Mistral - Incorrect Authorization

CVE-2026-44654 HIGH

LibreChat: Shared-agent editor can globally delete owner's file records — breaks owner's other private agents

CVE-2026-35482 HIGH

alf.io <2.0-M5-2606 Extension Scripts - Sandbox Escape

CVE-2026-10616 MEDIUM

nextlevelbuilder GoClaw Team Task Completion team_tasks_lifecycle.go TeamTasksTool.executeComplete authorization

CVE-2026-3514 HIGH

Authentication Bypass in prefecthq/prefect

CVE-2026-9048 MEDIUM

Slider Revolution 7.0.0-7.0.14 - Authenticated Sensitive Information Exposure via slider.get.full AJAX Action

CVE-2026-22872 CRITICAL

Capsule < 0.13.0 - Authenticated Privilege Escalation via TenantResource RawItems Processing

CVE-2026-45426 LOW

Apache Airflow Log Server - JWT Authorization Bypass

CVE-2026-10211 MEDIUM

AstrBotDevs AstrBot fs.py _normalize_rw_path authorization

CVE-2026-49376 MEDIUM

Jetbrains TeamCity < 2026.1 - Incorrect Authorization

CVE-2026-49369 MEDIUM

Jetbrains YouTrack < 2026.1.13162 - Incorrect Authorization

CVE-2026-48501 HIGH

GitHub CLI tokens leak via `gh attestation` commands

CVE-2026-35674 HIGH

OpenClaw < 2026.5.18 - Scope Bypass via Inherited chat.send Route

CVE-2026-35673 MEDIUM

OpenClaw < 2026.4.29 - SSRF Policy Bypass via Browser Debug/Export Routes

CVE-2026-34507 MEDIUM

OpenClaw < 2026.4.29 - Policy Bypass in QQBot Admin Commands via DM-only and allowFrom Checks

CVE-2026-32906 MEDIUM

OpenClaw < 2026.5.12 - Privilege Escalation in Slack Plugin Approvals via Exec Approver Gate

CVE-2026-9808 HIGH

Mautic 7 - Authenticated Authorization Bypass in API v2 Endpoints

CVE-2026-49299 MEDIUM

Openstack Neutron - Incorrect Authorization

Previous Page 3 of 122 Next

Details

Vulnerabilities 3,041

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy