Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

3,064 vulnerabilities with CWE-863

CVE-2025-49810 LOW

Mattermost 10.5.0-10.5.8 - Incorrect Authorization in AI Posts Thread Access

CVE-2025-27213 MEDIUM

UniFi Connect <1.5.18-1.9.324 - Info Disclosure

CVE-2025-57728 MEDIUM

JetBrains IntelliJ IDEA < 2025.2 - Unauthenticated Hidden File Discovery via Code With Me Guest Access

CVE-2025-9228 MEDIUM

MiR Robots < 3.0.0 - Incorrect Authorization in Note Creation

CVE-2025-55213 CRITICAL

OpenFGA <1.9.5 - Improper Policy Enforcement

CVE-2025-55205 CRITICAL

Capsule <0.10.3 - Privilege Escalation

CVE-2025-36120 HIGH

IBM Storage Virtualize 8.4-8.7 - Authenticated Privilege Escalation via SSH Session

CVE-2025-7773 HIGH

5032 16pt Digital Configurable - Info Disclosure

CVE-2025-49556 HIGH

Adobe Commerce < 2.4.4 - Incorrect Authorization

CVE-2025-42951 HIGH

SAP Business One - Privilege Escalation

CVE-2025-8807 MEDIUM

tianti < 2.3 - Missing Authorization in User Save Endpoint

CVE-2025-8796 MEDIUM

LitmusChaos Litmus < 3.19.0 - Missing Authorization in Delete Request Handler

CVE-2025-54888 HIGH

Fedify < 1.3.20 - Incorrect Authorization

CVE-2025-55077 HIGH

Tyler Technologies ERP Pro 9 SaaS - Command Injection

CVE-2025-8533 MEDIUM

Fantastical <4.0.15 - Privilege Escalation

CVE-2025-20332 MEDIUM

Cisco Identity Services Engine Software - Authenticated Incorrect Authorization via Crafted HTTP Request

CVE-2025-54253 CRITICAL KEV

Adobe Experience Manager Forms < 6.5.23.0 - Unauthenticated Arbitrary Code Execution via Misconfiguration

CVE-2025-54554 MEDIUM

Tera Insights tiCrypt <2025-07-17 - Info Disclosure

CVE-2025-20701 HIGH

Airoha Bluetooth audio SDK - Privilege Escalation

CVE-2025-8435 HIGH

Online Movie Streaming 1.0 - Missing Authorization in /admin-control.php ID Parameter

CVE-2025-8434 HIGH

Online Movie Streaming 1.0 - Missing Authorization in /admin.php ID Parameter

CVE-2025-8068 MEDIUM

HT Mega < 2.9.1 - Authenticated Arbitrary Data Deletion via Improper Capability Check

CVE-2025-54583 MEDIUM

finos/gitproxy < 1.19.2 - Incorrect Authorization via Policy Bypass

CVE-2025-43251 MEDIUM

macOS Sequoia <15.6 - Privilege Escalation

CVE-2025-43230 MEDIUM

iPadOS < 17.7.9 - Incorrect Authorization

Previous Page 33 of 123 Next

Details

Vulnerabilities 3,064

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy