Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: privilege-escalation Clear
ID Title
CVE-2026-14250 Privilege Escalation in wordpress (CVE-2026-14250)
vulnerability in wordpress (CVE-2026-14250). Risk of unauthorized operations or information disclosure.
CVE-2026-9842 Privilege Escalation in wordpress (CVE-2026-9842)
vulnerability in wordpress (CVE-2026-9842). Data can be tampered with by attackers. Exploitable via ``manage_options``.
CVE-2026-14482 Privilege Escalation in wordpress (CVE-2026-14482)
vulnerability in wordpress (CVE-2026-14482). Successful exploitation can lead to full system takeover. Exploitable via ``update_option``.
CVE-2026-54998 Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
CVE-2026-13228 Privilege Escalation in wordpress (CVE-2026-13228)
vulnerability in wordpress (CVE-2026-13228). Successful exploitation can lead to full system takeover.
CVE-2026-11387 Authentication Bypass in wordpress (CVE-2026-11387)
authentication bypass in wordpress (CVE-2026-11387). Successful exploitation can lead to full system takeover.
CVE-2026-12224 Privilege Escalation in wordpress (CVE-2026-12224)
vulnerability in wordpress (CVE-2026-12224). Successful exploitation can lead to full system takeover.
CVE-2026-14124 Privilege Escalation in privilege-escalation (CVE-2026-14124)
vulnerability in privilege-escalation (CVE-2026-14124). Successful exploitation can lead to full system takeover.
CVE-2026-14115 Vulnerability in privilege-escalation (CVE-2026-14115)
vulnerability in privilege-escalation (CVE-2026-14115). Successful exploitation can lead to full system takeover.
CVE-2026-14094 Use-After-Free in privilege-escalation (CVE-2026-14094)
vulnerability in privilege-escalation (CVE-2026-14094). Successful exploitation can lead to full system takeover.
CVE-2026-14078 Vulnerability in privilege-escalation (CVE-2026-14078)
vulnerability in privilege-escalation (CVE-2026-14078). Successful exploitation can lead to full system takeover.
CVE-2026-14036 Vulnerability in privilege-escalation (CVE-2026-14036)
vulnerability in privilege-escalation (CVE-2026-14036). Successful exploitation can lead to full system takeover.
CVE-2026-14041 Vulnerability in privilege-escalation (CVE-2026-14041)
vulnerability in privilege-escalation (CVE-2026-14041). Successful exploitation can lead to full system takeover.
CVE-2026-14060 Vulnerability in privilege-escalation (CVE-2026-14060)
vulnerability in privilege-escalation (CVE-2026-14060). Successful exploitation can lead to full system takeover.
CVE-2026-14018 Use-After-Free in privilege-escalation (CVE-2026-14018)
vulnerability in privilege-escalation (CVE-2026-14018). Successful exploitation can lead to full system takeover.
CVE-2026-13927 Vulnerability in privilege-escalation (CVE-2026-13927)
vulnerability in privilege-escalation (CVE-2026-13927). Successful exploitation can lead to full system takeover.
CVE-2026-13928 Vulnerability in privilege-escalation (CVE-2026-13928)
vulnerability in privilege-escalation (CVE-2026-13928). Successful exploitation can lead to full system takeover.
CVE-2026-13891 Vulnerability in privilege-escalation (CVE-2026-13891)
vulnerability in privilege-escalation (CVE-2026-13891). Successful exploitation can lead to full system takeover.
CVE-2026-13903 Vulnerability in privilege-escalation (CVE-2026-13903)
vulnerability in privilege-escalation (CVE-2026-13903). Successful exploitation can lead to full system takeover.
CVE-2026-13897 Vulnerability in privilege-escalation (CVE-2026-13897)
vulnerability in privilege-escalation (CVE-2026-13897). Successful exploitation can lead to full system takeover.
CVE-2026-13856 Vulnerability in privilege-escalation (CVE-2026-13856)
vulnerability in privilege-escalation (CVE-2026-13856). Successful exploitation can lead to full system takeover.
CVE-2026-13863 Vulnerability in privilege-escalation (CVE-2026-13863)
vulnerability in privilege-escalation (CVE-2026-13863). Successful exploitation can lead to full system takeover.
CVE-2026-13844 Use-After-Free in privilege-escalation (CVE-2026-13844)
vulnerability in privilege-escalation (CVE-2026-13844). Successful exploitation can lead to full system takeover.
CVE-2026-13864 Vulnerability in privilege-escalation (CVE-2026-13864)
vulnerability in privilege-escalation (CVE-2026-13864). Successful exploitation can lead to full system takeover.
CVE-2026-13827 Use-After-Free in privilege-escalation (CVE-2026-13827)
vulnerability in privilege-escalation (CVE-2026-13827). Successful exploitation can lead to full system takeover.
CVE-2026-13824 Vulnerability in privilege-escalation (CVE-2026-13824)
vulnerability in privilege-escalation (CVE-2026-13824). Successful exploitation can lead to full system takeover.
CVE-2026-13800 Vulnerability in privilege-escalation (CVE-2026-13800)
vulnerability in privilege-escalation (CVE-2026-13800). Successful exploitation can lead to full system takeover.
CVE-2026-12073 Vulnerability in wordpress (CVE-2026-12073)
vulnerability in wordpress (CVE-2026-12073). Successful exploitation can lead to full system takeover. Exploitable via ``user_login``.
CVE-2026-58054 MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
CVE-2026-12415 Privilege Escalation in wordpress (CVE-2026-12415)
vulnerability in wordpress (CVE-2026-12415). Successful exploitation can lead to full system takeover.
CVE-2026-46710 Vulnerability in privilege-escalation (CVE-2026-46710)
vulnerability in privilege-escalation (CVE-2026-46710). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6` or later.
CVE-2026-57518 Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
CVE-2026-52943 Use-After-Free in privilege-escalation (CVE-2026-52943)
vulnerability in privilege-escalation (CVE-2026-52943). Successful exploitation can lead to full system takeover.
CVE-2026-4297 Vulnerability in wordpress (CVE-2026-4297)
vulnerability in wordpress (CVE-2026-4297). Successful exploitation can lead to full system takeover.
CVE-2026-12417 Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
CVE-2026-11551 Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
CVE-2026-56142 Vulnerability in privilege-escalation (CVE-2026-56142)
vulnerability in privilege-escalation (CVE-2026-56142). Successful exploitation can lead to full system takeover.
CVE-2026-12449 Use-After-Free in privilege-escalation (CVE-2026-12449)
vulnerability in privilege-escalation (CVE-2026-12449). Successful exploitation can lead to full system takeover.
CVE-2026-12448 Privilege Escalation in privilege-escalation (CVE-2026-12448)
vulnerability in privilege-escalation (CVE-2026-12448). Successful exploitation can lead to full system takeover.
CVE-2026-12165 Privilege Escalation in wordpress (CVE-2026-12165)
vulnerability in wordpress (CVE-2026-12165). Successful exploitation can lead to full system takeover. Exploitable via ``RegistryUserRole``.
CVE-2026-53849 OpenClaw: Discord allowFrom could bind to mutable display names
OpenClaw: Discord allowFrom could bind to mutable display names
CVE-2026-53854 Authorization Flaw in openclaw (CVE-2026-53854)
vulnerability in openclaw (CVE-2026-53854). Data can be tampered with by attackers. Mitigation: upgrade to `2026.4.25` or later.
CVE-2026-53847 Vulnerability in openclaw (CVE-2026-53847)
vulnerability in openclaw (CVE-2026-53847). Risk of unauthorized operations or information disclosure. Exploitable via ``operator.write``. Mitigation: upgrade to `2026.5.6` or later.
CVE-2026-50656 Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in...
CVE-2026-12289 Privilege Escalation in privilege-escalation (CVE-2026-12289)
vulnerability in privilege-escalation (CVE-2026-12289). Successful exploitation can lead to full system takeover.
CVE-2026-8176 Privilege Escalation in wordpress (CVE-2026-8176)
vulnerability in wordpress (CVE-2026-8176). Successful exploitation can lead to full system takeover.
CVE-2016-20084 Cross-Site Scripting (XSS) in wordpress (CVE-2016-20084)
cross-site scripting in wordpress (CVE-2016-20084). Risk of unauthorized operations or information disclosure.
CVE-2016-20070 Cross-Site Scripting (XSS) in wordpress (CVE-2016-20070)
cross-site scripting in wordpress (CVE-2016-20070). Risk of unauthorized operations or information disclosure.
CVE-2026-53823 Vulnerability in privilege-escalation (CVE-2026-53823)
vulnerability in privilege-escalation (CVE-2026-53823). Confidential information can be exposed externally.
CVE-2026-12018 Privilege Escalation in privilege-escalation (CVE-2026-12018)
vulnerability in privilege-escalation (CVE-2026-12018). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →