Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-863 Clear
ID Title
CVE-2026-47929 Authorization Flaw in adobe (CVE-2026-47929)
vulnerability in adobe (CVE-2026-47929). Successful exploitation can lead to full system takeover.
CVE-2026-48303 Authorization Flaw in adobe (CVE-2026-48303)
vulnerability in adobe (CVE-2026-48303). Successful exploitation can lead to full system takeover.
CVE-2026-47910 Authorization Flaw in adobe (CVE-2026-47910)
vulnerability in adobe (CVE-2026-47910). Confidential information can be exposed externally.
CVE-2026-45490 Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
CVE-2026-41852 Authorization Flaw in spring (CVE-2026-41852)
vulnerability in spring (CVE-2026-41852). Risk of unauthorized operations or information disclosure.
CVE-2026-48507 Authorization Flaw in snipe/snipe-it (CVE-2026-48507)
vulnerability in snipe/snipe-it (CVE-2026-48507). Risk of unauthorized operations or information disclosure. Exploitable via ``users.edit``. Mitigation: upgrade to `8.6.0` or later.
CVE-2026-7765 Authorization Flaw in checkmk (CVE-2026-7765)
vulnerability in checkmk (CVE-2026-7765). Risk of unauthorized operations or information disclosure.
CVE-2026-11577 Authorization Flaw in privilege-escalation (CVE-2026-11577)
vulnerability in privilege-escalation (CVE-2026-11577). Successful exploitation can lead to full system takeover. Exploitable via `POST /admin/realms/{realm}/partialImport`.
CVE-2026-21036 Authorization Flaw in samsung (CVE-2026-21036)
vulnerability in samsung (CVE-2026-21036). Confidential information can be exposed externally.
CVE-2026-21031 Authorization Flaw in samsung (CVE-2026-21031)
vulnerability in samsung (CVE-2026-21031). Successful exploitation can lead to full system takeover.
CVE-2026-42547 Authorization Flaw in CVE-2026-42547 (CVE-2026-42547)
vulnerability in CVE-2026-42547 (CVE-2026-42547). Risk of unauthorized operations or information disclosure.
CVE-2026-50266 Authorization Flaw in CVE-2026-50266 (CVE-2026-50266)
vulnerability in CVE-2026-50266 (CVE-2026-50266). Risk of unauthorized operations or information disclosure.
CVE-2026-10815 Vulnerability in CVE-2026-10815 (CVE-2026-10815)
vulnerability in CVE-2026-10815 (CVE-2026-10815). Risk of unauthorized operations or information disclosure.
CVE-2026-10860 Authorization Flaw in misp (CVE-2026-10860)
vulnerability in misp (CVE-2026-10860). Data can be tampered with by attackers.
CVE-2026-41283 Authorization Flaw in CVE-2026-41283 (CVE-2026-41283)
vulnerability in CVE-2026-41283 (CVE-2026-41283). Successful exploitation can lead to full system takeover.
CVE-2025-14774 Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.
Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.
CVE-2026-44654 Authorization Flaw in librechat (CVE-2026-44654)
vulnerability in librechat (CVE-2026-44654). Data can be tampered with by attackers. Exploitable via `DELETE /api/files`.
CVE-2026-35482 Authorization Flaw in CVE-2026-35482 (CVE-2026-35482)
vulnerability in CVE-2026-35482 (CVE-2026-35482). Successful exploitation can lead to full system takeover. Exploitable via ``returnClass``.
CVE-2026-10616 Vulnerability in CVE-2026-10616 (CVE-2026-10616)
vulnerability in CVE-2026-10616 (CVE-2026-10616). Risk of unauthorized operations or information disclosure.
CVE-2026-3514 Authorization Flaw in prefect (CVE-2026-3514)
vulnerability in prefect (CVE-2026-3514). Confidential information can be exposed externally.
CVE-2026-9048 Authorization Flaw in wordpress (CVE-2026-9048)
vulnerability in wordpress (CVE-2026-9048). Risk of unauthorized operations or information disclosure.
CVE-2025-32348 Authorization Flaw in google (CVE-2025-32348)
vulnerability in google (CVE-2025-32348). Successful exploitation can lead to full system takeover.
CVE-2026-45426 Authorization Flaw in apache-airflow (CVE-2026-45426)
vulnerability in apache-airflow (CVE-2026-45426). Risk of unauthorized operations or information disclosure. Exploitable via ``sub``. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-10211 Vulnerability in CVE-2026-10211 (CVE-2026-10211)
vulnerability in CVE-2026-10211 (CVE-2026-10211). Risk of unauthorized operations or information disclosure.
CVE-2026-49376 In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
In JetBrains TeamCity before 2026.1 insufficient username validation in the SAML plugin
CVE-2026-49369 Authorization Flaw in jetbrains (CVE-2026-49369)
vulnerability in jetbrains (CVE-2026-49369). Risk of unauthorized operations or information disclosure.
CVE-2026-35674 Authorization Flaw in openclaw (CVE-2026-35674)
vulnerability in openclaw (CVE-2026-35674). Successful exploitation can lead to full system takeover.
CVE-2026-35673 Authorization Flaw in ssrf (CVE-2026-35673)
vulnerability in ssrf (CVE-2026-35673). Confidential information can be exposed externally.
CVE-2026-34507 Authorization Flaw in openclaw (CVE-2026-34507)
vulnerability in openclaw (CVE-2026-34507). Risk of unauthorized operations or information disclosure.
CVE-2026-32906 Authorization Flaw in privilege-escalation (CVE-2026-32906)
vulnerability in privilege-escalation (CVE-2026-32906). Risk of unauthorized operations or information disclosure.
CVE-2026-41235 Authorization Flaw in froxlor/froxlor (CVE-2026-41235)
vulnerability in froxlor/froxlor (CVE-2026-41235). Successful exploitation can lead to full system takeover. Exploitable via `POST /customer_ftp.php`. Mitigation: upgrade to `2.3.7` or later.
CVE-2026-48501 Authorization Flaw in github.com/cli/cli/v2 (CVE-2026-48501)
vulnerability in github.com/cli/cli/v2 (CVE-2026-48501). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `2.93.0` or later.
CVE-2026-9808 Authorization Flaw in mautic/core (CVE-2026-9808)
vulnerability in mautic/core (CVE-2026-9808). Confidential information can be exposed externally. Exploitable via ``viewown``. Mitigation: upgrade to `7.1.2` or later.
CVE-2026-49299 Authorization Flaw in neutron (CVE-2026-49299)
vulnerability in neutron (CVE-2026-49299). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.0.4` or later.
CVE-2026-46823 Authorization Flaw in c (CVE-2026-46823)
vulnerability in c (CVE-2026-46823). Confidential information can be exposed externally.
CVE-2026-45042 Authorization Flaw in CVE-2026-45042 (CVE-2026-45042)
vulnerability in CVE-2026-45042 (CVE-2026-45042). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.0.0-beta.2` or later.
CVE-2026-44394 Authorization Flaw in keystone (CVE-2026-44394)
vulnerability in keystone (CVE-2026-44394). Risk of unauthorized operations or information disclosure. Exploitable via `POST /v3/auth/tokens`. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-42999 Vulnerability in keystone (CVE-2026-42999)
vulnerability in keystone (CVE-2026-42999). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-43000 Vulnerability in keystone (CVE-2026-43000)
vulnerability in keystone (CVE-2026-43000). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-42998 Authorization Flaw in keystone (CVE-2026-42998)
vulnerability in keystone (CVE-2026-42998). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `29.0.2` or later.
CVE-2026-45297 Vulnerability in CVE-2026-45297 (CVE-2026-45297)
vulnerability in CVE-2026-45297 (CVE-2026-45297). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.26.0` or later.
CVE-2026-22872 Vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872)
vulnerability in github.com/projectcapsule/capsule (CVE-2026-22872). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.13.0` or later.
CVE-2026-40914 Authorization Flaw in org.apache.artemis:artemis-stomp-protocol (CVE-2026-40914)
vulnerability in org.apache.artemis:artemis-stomp-protocol (CVE-2026-40914). Risk of unauthorized operations or information disclosure.
CVE-2026-9807 Authorization Flaw in gitlab (CVE-2026-9807)
vulnerability in gitlab (CVE-2026-9807). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.1` or later.
CVE-2026-9791 Authorization Flaw in org.keycloak:keycloak-server-spi-private (CVE-2026-9791)
vulnerability in org.keycloak:keycloak-server-spi-private (CVE-2026-9791). Risk of unauthorized operations or information disclosure.
CVE-2026-48064 Authorization Flaw in CVE-2026-48064 (CVE-2026-48064)
vulnerability in CVE-2026-48064 (CVE-2026-48064). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.9.1` or later.
CVE-2026-45108 Authorization Flaw in CVE-2026-45108 (CVE-2026-45108)
vulnerability in CVE-2026-45108 (CVE-2026-45108). Confidential information can be exposed externally. Mitigation: upgrade to `3.1.5` or later.
CVE-2026-6713 Authorization Flaw in gitlab (CVE-2026-6713)
vulnerability in gitlab (CVE-2026-6713). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.7, 18.11.4, 19.0.2` or later.
CVE-2026-48152 Authorization Flaw in @budibase/server (CVE-2026-48152)
vulnerability in @budibase/server (CVE-2026-48152). Confidential information can be exposed externally. Exploitable via `GET /api/datasources/`. Mitigation: upgrade to `3.39.0` or later.
CVE-2026-45081 Authorization Flaw in CVE-2026-45081 (CVE-2026-45081)
vulnerability in CVE-2026-45081 (CVE-2026-45081). Confidential information can be exposed externally. Mitigation: upgrade to `16.5.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →