Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-863

CWE-863

High likelihood

Incorrect Authorization

Parent: CWE-285 - Improper Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

2,832 vulnerabilities with CWE-863

CVE-2026-22170 MEDIUM

OpenClaw < 2026.2.22 BlueBubbles - Access Control Bypass via Empty allowFrom Configuration

CVE-2026-26230 LOW

Team Admin Privilege Escalation to Demote Members to Guest

CVE-2026-32267 CRITICAL

Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController->actionImpersonateWithToken()

CVE-2026-26304 MEDIUM

Permission Bypass in Playbook Run Creation

CVE-2026-24692 MEDIUM

Guest users can bypass read permissions via search API

CVE-2026-22545 LOW

Password Change Bypass via Auth Switch Endpoint

CVE-2026-4265 MEDIUM

Guest user can upload files without permission across teams

CVE-2026-32717 LOW

AnythingLLM access control bypass: suspended users can continue using Browser Extension API keys

CVE-2026-32715 LOW

AnythingLLM Manager Privilege Bypass Allows Access to Admin-Only System Preferences

CVE-2026-2462 MEDIUM

Admin RCE via Malicious Plugin Upload on CI Test Instances

CVE-2026-20992 LOW

Samsung Mobile Devices - Privilege Escalation

CVE-2026-32597 HIGH

PyJWT <2.12.0 - Auth Bypass

CVE-2026-30943 MEDIUM

Gokapi <2.2.4 - Auth Bypass

CVE-2026-32245 MEDIUM

Tinyauth <5.0.3 - Auth Bypass

CVE-2026-3977 MEDIUM

ProjectSend <r1945 - Auth Bypass

CVE-2026-32123 HIGH

OpenEMR <8.0.0.1 - Auth Bypass

CVE-2026-32108 MEDIUM

Copyparty <1.20.12 - Auth Bypass

CVE-2026-32102 MEDIUM

OliveTin <=3000.10.2 - Info Disclosure

CVE-2026-32101 HIGH

StudioCMS <0.3.1 - Auth Bypass

CVE-2026-31887 HIGH

Shopware <6.7.8.1/6.6.10.15 - Info Disclosure

CVE-2026-30239 MEDIUM

OpenProject <17.2.0 - Privilege Escalation

CVE-2026-30236 MEDIUM

OpenProject <17.2.0 - Info Disclosure

CVE-2026-1524 LOW

Neo4j Enterprise <2026.02 - Auth Bypass

CVE-2026-1471 LOW

Neo4j Enterprise <2026.01.4 - Privilege Escalation

CVE-2026-31892 HIGH

Argo Workflows 2.9.0-4.0.1/3.7.0-3.7.10 - Auth Bypass

Previous Page 9 of 114 Next

Details

Vulnerabilities 2,832

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy