Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: privilege-escalation Clear
ID Title
CVE-2026-46490 Vulnerability in samlify (CVE-2026-46490)
vulnerability in samlify (CVE-2026-46490). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.13.0` or later.
CVE-2026-45207 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-45208 A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker...
A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker...
CVE-2026-45206 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34927 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34928 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34929 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-34930 An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to...
CVE-2026-5118 Privilege Escalation in wordpress (CVE-2026-5118)
vulnerability in wordpress (CVE-2026-5118). Successful exploitation can lead to full system takeover.
CVE-2026-48172 KEV [KEV] Vulnerability in Litespeed privilege-escalation (CVE-2026-48172)
vulnerability in Litespeed privilege-escalation (CVE-2026-48172). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-29518 Vulnerability in privilege-escalation (CVE-2026-29518)
vulnerability in privilege-escalation (CVE-2026-29518). Successful exploitation can lead to full system takeover.
CVE-2026-7284 Privilege Escalation in wordpress (CVE-2026-7284)
vulnerability in wordpress (CVE-2026-7284). Successful exploitation can lead to full system takeover.
CVE-2026-7467 Privilege Escalation in wordpress (CVE-2026-7467)
vulnerability in wordpress (CVE-2026-7467). Successful exploitation can lead to full system takeover.
CVE-2026-6456 Authentication Bypass in wordpress (CVE-2026-6456)
authentication bypass in wordpress (CVE-2026-6456). Successful exploitation can lead to full system takeover. Exploitable via ``rememberLogin``.
CVE-2026-34246 Vulnerability in privilege-escalation (CVE-2026-34246)
vulnerability in privilege-escalation (CVE-2026-34246). Risk of unauthorized operations or information disclosure.
CVE-2026-34358 Vulnerability in privilege-escalation (CVE-2026-34358)
vulnerability in privilege-escalation (CVE-2026-34358). Confidential information can be exposed externally.
CVE-2026-8370 Vulnerability in privilege-escalation (CVE-2026-8370)
vulnerability in privilege-escalation (CVE-2026-8370). Risk of unauthorized operations or information disclosure.
CVE-2026-30118 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-30118)
SSRF in ssrf (CVE-2026-30118). Successful exploitation can lead to full system takeover.
CVE-2026-8970 Privilege Escalation in privilege-escalation (CVE-2026-8970)
vulnerability in privilege-escalation (CVE-2026-8970). Successful exploitation can lead to full system takeover.
CVE-2026-8972 Privilege Escalation in privilege-escalation (CVE-2026-8972)
vulnerability in privilege-escalation (CVE-2026-8972). Successful exploitation can lead to full system takeover.
CVE-2026-8957 Privilege Escalation in privilege-escalation (CVE-2026-8957)
vulnerability in privilege-escalation (CVE-2026-8957). Successful exploitation can lead to full system takeover.
CVE-2026-8952 Privilege Escalation in privilege-escalation (CVE-2026-8952)
vulnerability in privilege-escalation (CVE-2026-8952). Successful exploitation can lead to full system takeover.
CVE-2026-8955 Privilege Escalation in privilege-escalation (CVE-2026-8955)
vulnerability in privilege-escalation (CVE-2026-8955). Successful exploitation can lead to full system takeover.
CVE-2026-22069 A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the...
A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the...
CVE-2026-32323 Privilege Escalation in privilege-escalation (CVE-2026-32323)
vulnerability in privilege-escalation (CVE-2026-32323). Successful exploitation can lead to full system takeover.
CVE-2026-45716 Privilege Escalation in @budibase/worker (CVE-2026-45716)
vulnerability in @budibase/worker (CVE-2026-45716). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/global/users/onboard`. Mitigation: upgrade to `3.38.1` or later.
CVE-2026-41085 Privilege Escalation in privilege-escalation (CVE-2026-41085)
vulnerability in privilege-escalation (CVE-2026-41085). Successful exploitation can lead to full system takeover.
CVE-2026-4320 Vulnerability in privilege-escalation (CVE-2026-4320)
vulnerability in privilege-escalation (CVE-2026-4320). Risk of unauthorized operations or information disclosure.
CVE-2026-8719 Privilege Escalation in wordpress (CVE-2026-8719)
vulnerability in wordpress (CVE-2026-8719). Successful exploitation can lead to full system takeover.
CVE-2026-6228 Privilege Escalation in wordpress (CVE-2026-6228)
vulnerability in wordpress (CVE-2026-6228). Successful exploitation can lead to full system takeover.
CVE-2026-41702 VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an...
CVE-2024-36333 Vulnerability in privilege-escalation (CVE-2024-36333)
vulnerability in privilege-escalation (CVE-2024-36333). Successful exploitation can lead to full system takeover.
CVE-2025-54518 Vulnerability in privilege-escalation (CVE-2025-54518)
vulnerability in privilege-escalation (CVE-2025-54518). Successful exploitation can lead to full system takeover.
CVE-2025-29936 Vulnerability in privilege-escalation (CVE-2025-29936)
vulnerability in privilege-escalation (CVE-2025-29936). Risk of unauthorized operations or information disclosure.
CVE-2026-7373 Vulnerability in privilege-escalation (CVE-2026-7373)
vulnerability in privilege-escalation (CVE-2026-7373). Risk of unauthorized operations or information disclosure.
CVE-2024-21962 Vulnerability in privilege-escalation (CVE-2024-21962)
vulnerability in privilege-escalation (CVE-2024-21962). Risk of unauthorized operations or information disclosure.
CVE-2025-52540 Out-of-Bounds Write in privilege-escalation (CVE-2025-52540)
out-of-bounds write in privilege-escalation (CVE-2025-52540). Risk of unauthorized operations or information disclosure.
CVE-2026-0432 Vulnerability in privilege-escalation (CVE-2026-0432)
vulnerability in privilege-escalation (CVE-2026-0432). Risk of unauthorized operations or information disclosure.
CVE-2025-48512 Vulnerability in privilege-escalation (CVE-2025-48512)
vulnerability in privilege-escalation (CVE-2025-48512). Risk of unauthorized operations or information disclosure.
CVE-2025-48519 Out-of-Bounds Write in privilege-escalation (CVE-2025-48519)
out-of-bounds write in privilege-escalation (CVE-2025-48519). Risk of unauthorized operations or information disclosure.
CVE-2026-8629 Vulnerability in privilege-escalation (CVE-2026-8629)
vulnerability in privilege-escalation (CVE-2026-8629). Confidential information can be exposed externally.
CVE-2026-8557 Use-After-Free in privilege-escalation (CVE-2026-8557)
vulnerability in privilege-escalation (CVE-2026-8557). Successful exploitation can lead to full system takeover.
CVE-2026-8547 Vulnerability in privilege-escalation (CVE-2026-8547)
vulnerability in privilege-escalation (CVE-2026-8547). Successful exploitation can lead to full system takeover.
CVE-2026-45665 Cross-Site Scripting (XSS) in open-webui (CVE-2026-45665)
cross-site scripting in open-webui (CVE-2026-45665). Confidential information can be exposed externally. Exploitable via ``marked.parse``. Mitigation: upgrade to `0.8.0` or later.
CVE-2026-26062 Vulnerability in github.com/fleetdm/fleet/v4 (CVE-2026-26062)
vulnerability in github.com/fleetdm/fleet/v4 (CVE-2026-26062). Risk of unauthorized operations or information disclosure. Exploitable via ``PublishLogs``. Mitigation: upgrade to `4.81.0` or later.
CVE-2026-24000 Vulnerability in github.com/fleetdm/fleet/v4 (CVE-2026-24000)
vulnerability in github.com/fleetdm/fleet/v4 (CVE-2026-24000). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.80.1` or later.
CVE-2026-6510 Vulnerability in wordpress (CVE-2026-6510)
vulnerability in wordpress (CVE-2026-6510). Successful exploitation can lead to full system takeover.
CVE-2026-6506 Vulnerability in wordpress (CVE-2026-6506)
vulnerability in wordpress (CVE-2026-6506). Successful exploitation can lead to full system takeover.
CVE-2026-5193 Privilege Escalation in wordpress (CVE-2026-5193)
vulnerability in wordpress (CVE-2026-5193). Data can be tampered with by attackers.
CVE-2026-8181 Authentication Bypass in wordpress (CVE-2026-8181)
authentication bypass in wordpress (CVE-2026-8181). Successful exploitation can lead to full system takeover. Exploitable via `Authorization header`.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →