Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: privilege-escalation Clear
ID Title
CVE-2026-0251 Vulnerability in privilege-escalation (CVE-2026-0251)
vulnerability in privilege-escalation (CVE-2026-0251). Risk of unauthorized operations or information disclosure.
CVE-2026-44470 Vulnerability in privilege-escalation (CVE-2026-44470)
vulnerability in privilege-escalation (CVE-2026-44470). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.3834.0` or later.
CVE-2026-42924 OS Command Injection in privilege-escalation (CVE-2026-42924)
OS command injection in privilege-escalation (CVE-2026-42924). Confidential information can be exposed externally.
CVE-2026-41953 Command Injection in privilege-escalation (CVE-2026-41953)
command injection in privilege-escalation (CVE-2026-41953). Confidential information can be exposed externally.
CVE-2026-40631 Vulnerability in privilege-escalation (CVE-2026-40631)
vulnerability in privilege-escalation (CVE-2026-40631). Confidential information can be exposed externally.
CVE-2026-40698 Command Injection in privilege-escalation (CVE-2026-40698)
command injection in privilege-escalation (CVE-2026-40698). Confidential information can be exposed externally.
CVE-2024-47091 Vulnerability in privilege-escalation (CVE-2024-47091)
vulnerability in privilege-escalation (CVE-2024-47091). Risk of unauthorized operations or information disclosure.
CVE-2025-62623 Buffer Overflow in privilege-escalation (CVE-2025-62623)
vulnerability in privilege-escalation (CVE-2025-62623). Risk of unauthorized operations or information disclosure.
CVE-2025-62624 Vulnerability in privilege-escalation (CVE-2025-62624)
vulnerability in privilege-escalation (CVE-2025-62624). Risk of unauthorized operations or information disclosure.
CVE-2026-8449 Out-of-Bounds Read in privilege-escalation (CVE-2026-8449)
vulnerability in privilege-escalation (CVE-2026-8449). Successful exploitation can lead to full system takeover.
CVE-2026-30810 SSRF (Server-Side Request Forgery) in privilege-escalation (CVE-2026-30810)
SSRF in privilege-escalation (CVE-2026-30810). Successful exploitation can lead to full system takeover.
CVE-2026-2465 Authorization Flaw in privilege-escalation (CVE-2026-2465)
vulnerability in privilege-escalation (CVE-2026-2465). Successful exploitation can lead to full system takeover.
CVE-2026-8072 Vulnerability in privilege-escalation (CVE-2026-8072)
vulnerability in privilege-escalation (CVE-2026-8072). Risk of unauthorized operations or information disclosure.
CVE-2026-0541 Vulnerability in privilege-escalation (CVE-2026-0541)
vulnerability in privilege-escalation (CVE-2026-0541). Successful exploitation can lead to full system takeover.
CVE-2026-0802 Vulnerability in privilege-escalation (CVE-2026-0802)
vulnerability in privilege-escalation (CVE-2026-0802). Confidential information can be exposed externally.
CVE-2026-0804 Vulnerability in path-traversal (CVE-2026-0804)
vulnerability in path-traversal (CVE-2026-0804). Successful exploitation can lead to full system takeover.
CVE-2026-1185 Vulnerability in privilege-escalation (CVE-2026-1185)
vulnerability in privilege-escalation (CVE-2026-1185). Risk of unauthorized operations or information disclosure.
CVE-2026-41489 Vulnerability in privilege-escalation (CVE-2026-41489)
vulnerability in privilege-escalation (CVE-2026-41489). Successful exploitation can lead to full system takeover.
CVE-2026-34390 Vulnerability in mantisbt/mantisbt (CVE-2026-34390)
vulnerability in mantisbt/mantisbt (CVE-2026-34390). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /project/{id}/users`. Mitigation: upgrade to `2.28.2` or later.
CVE-2026-38568 Vulnerability in privilege-escalation (CVE-2026-38568)
vulnerability in privilege-escalation (CVE-2026-38568). Confidential information can be exposed externally.
CVE-2026-3609 Vulnerability in privilege-escalation (CVE-2026-3609)
vulnerability in privilege-escalation (CVE-2026-3609). Successful exploitation can lead to full system takeover.
CVE-2026-7813 Vulnerability in pgadmin4 (CVE-2026-7813)
vulnerability in pgadmin4 (CVE-2026-7813). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.15` or later.
CVE-2025-9973 Vulnerability in privilege-escalation (CVE-2025-9973)
vulnerability in privilege-escalation (CVE-2025-9973). Confidential information can be exposed externally.
CVE-2021-47932 Vulnerability in wordpress (CVE-2021-47932)
vulnerability in wordpress (CVE-2021-47932). Successful exploitation can lead to full system takeover.
CVE-2026-42571 Authorization Flaw in github.com/pelicanplatform/pelican (CVE-2026-42571)
vulnerability in github.com/pelicanplatform/pelican (CVE-2026-42571). Risk of unauthorized operations or information disclosure. Exploitable via ``Issuer.GroupSource``. Mitigation: upgrade to `0.0.0-20260408120501-7f73b9c3e677` or later.
CVE-2026-42205 Vulnerability in avo (CVE-2026-42205)
vulnerability in avo (CVE-2026-42205). Successful exploitation can lead to full system takeover. Exploitable via `POST /admin/resources/posts/actions`. Mitigation: upgrade to `3.31.2` or later.
CVE-2026-29203 Vulnerability in privilege-escalation (CVE-2026-29203)
vulnerability in privilege-escalation (CVE-2026-29203). Successful exploitation can lead to full system takeover.
CVE-2026-34354 Vulnerability in privilege-escalation (CVE-2026-34354)
vulnerability in privilege-escalation (CVE-2026-34354). Successful exploitation can lead to full system takeover.
CVE-2013-10075 Vulnerability in apache (CVE-2013-10075)
vulnerability in apache (CVE-2013-10075). Confidential information can be exposed externally.
CVE-2026-8069 Path Traversal in privilege-escalation (CVE-2026-8069)
path traversal in privilege-escalation (CVE-2026-8069). Risk of unauthorized operations or information disclosure.
CVE-2026-41501 Command Injection in electerm (CVE-2026-41501)
command injection in electerm (CVE-2026-41501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2026-42880 Information Disclosure in argo-cd (CVE-2026-42880)
vulnerability in argo-cd (CVE-2026-42880). Confidential information can be exposed externally.
CVE-2025-63706 Code Injection in npm (CVE-2025-63706)
code injection in npm (CVE-2025-63706). Successful exploitation can lead to full system takeover.
CVE-2026-44406 Vulnerability in privilege-escalation (CVE-2026-44406)
vulnerability in privilege-escalation (CVE-2026-44406). Risk of unauthorized operations or information disclosure.
SUSE-SU-2026:1741-1 Vulnerability in privilege-escalation (SUSE-SU-2026:1741-1)
vulnerability in privilege-escalation (SUSE-SU-2026:1741-1). Risk of unauthorized operations or information disclosure.
CVE-2026-40004 Vulnerability in privilege-escalation (CVE-2026-40004)
vulnerability in privilege-escalation (CVE-2026-40004). Confidential information can be exposed externally.
CVE-2026-43206 Out-of-Bounds Write in privilege-escalation (CVE-2026-43206)
out-of-bounds write in privilege-escalation (CVE-2026-43206). Successful exploitation can lead to full system takeover.
CVE-2026-43117 Vulnerability in linux (CVE-2026-43117)
vulnerability in linux (CVE-2026-43117). Confidential information can be exposed externally.
CVE-2026-27960 Authentication Bypass in pycti (CVE-2026-27960)
authentication bypass in pycti (CVE-2026-27960). Successful exploitation can lead to full system takeover. Exploitable via ``APP__ADMIN__EXTERNALLY_MANAGED``. Mitigation: upgrade to `6.9.13` or later.
CVE-2026-43067 Vulnerability in linux (CVE-2026-43067)
vulnerability in linux (CVE-2026-43067). Successful exploitation can lead to full system takeover.
CVE-2025-58074 Vulnerability in privilege-escalation (CVE-2025-58074)
vulnerability in privilege-escalation (CVE-2025-58074). Successful exploitation can lead to full system takeover.
CVE-2026-42367 Vulnerability in c (CVE-2026-42367)
vulnerability in c (CVE-2026-42367). Confidential information can be exposed externally.
CVE-2026-42368 Vulnerability in privilege-escalation (CVE-2026-42368)
vulnerability in privilege-escalation (CVE-2026-42368). Successful exploitation can lead to full system takeover.
CVE-2026-37525 Privilege Escalation in c (CVE-2026-37525)
vulnerability in c (CVE-2026-37525). Successful exploitation can lead to full system takeover.
CVE-2026-31431 KEV [KEV] Vulnerability in Linux redhat (CVE-2026-31431)
vulnerability in Linux redhat (CVE-2026-31431). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-5141 Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment...
CVE-2026-41952 Vulnerability in privilege-escalation (CVE-2026-41952)
vulnerability in privilege-escalation (CVE-2026-41952). Successful exploitation can lead to full system takeover.
CVE-2026-25852 Vulnerability in privilege-escalation (CVE-2026-25852)
vulnerability in privilege-escalation (CVE-2026-25852). Successful exploitation can lead to full system takeover.
CVE-2026-41220 Out-of-Bounds Write in privilege-escalation (CVE-2026-41220)
out-of-bounds write in privilege-escalation (CVE-2026-41220). Successful exploitation can lead to full system takeover.
CVE-2026-42432 Vulnerability in openclaw (CVE-2026-42432)
vulnerability in openclaw (CVE-2026-42432). Successful exploitation can lead to full system takeover. Exploitable via ``openclaw``. Mitigation: upgrade to `2026.4.8` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →