CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-3XXW-CPF8-X9HQ
Vulnerability from github – Published: 2025-07-22 03:30 – Updated: 2025-07-22 03:30A vulnerability classified as critical has been found in jshERP up to 3.5. Affected is an unknown function of the file /user/delete of the component Account Handler. The manipulation of the argument ID leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-7947"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-639"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-22T01:15:22Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical has been found in jshERP up to 3.5. Affected is an unknown function of the file /user/delete of the component Account Handler. The manipulation of the argument ID leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-3xxw-cpf8-x9hq",
"modified": "2025-07-22T03:30:34Z",
"published": "2025-07-22T03:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7947"
},
{
"type": "WEB",
"url": "https://github.com/jishenghua/jshERP/issues/124"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.317088"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.317088"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.619276"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-422W-959P-3WHV
Vulnerability from github – Published: 2022-05-24 16:46 – Updated: 2024-04-04 00:49A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app with restricted permissions, which required user interaction.
{
"affected": [],
"aliases": [
"CVE-2019-11893"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-05-29T20:29:00Z",
"severity": "HIGH"
},
"details": "A potential incorrect privilege assignment vulnerability exists in the app permission update API of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in a restricted app obtaining default app permissions. In order to exploit the vulnerability, the adversary needs to have successfully paired an app with restricted permissions, which required user interaction.",
"id": "GHSA-422w-959p-3whv",
"modified": "2024-04-04T00:49:20Z",
"published": "2022-05-24T16:46:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11893"
},
{
"type": "WEB",
"url": "https://psirt.bosch.com/Advisory/BOSCH-SA-662084.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-42P3-688Q-33P6
Vulnerability from github – Published: 2023-11-28 21:30 – Updated: 2023-11-28 21:30The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders.
{
"affected": [],
"aliases": [
"CVE-2023-29066"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-28T21:15:08Z",
"severity": "LOW"
},
"details": "The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders.",
"id": "GHSA-42p3-688q-33p6",
"modified": "2023-11-28T21:30:25Z",
"published": "2023-11-28T21:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29066"
},
{
"type": "WEB",
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-42V5-VMQC-JX62
Vulnerability from github – Published: 2025-04-11 09:30 – Updated: 2026-04-01 18:34Incorrect Privilege Assignment vulnerability in Rankology Rankology SEO – On-site SEO allows Privilege Escalation. This issue affects Rankology SEO – On-site SEO: from n/a through 2.2.3.
{
"affected": [],
"aliases": [
"CVE-2025-32491"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-11T09:15:23Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in Rankology Rankology SEO \u0026#8211; On-site SEO allows Privilege Escalation. This issue affects Rankology SEO \u0026#8211; On-site SEO: from n/a through 2.2.3.",
"id": "GHSA-42v5-vmqc-jx62",
"modified": "2026-04-01T18:34:39Z",
"published": "2025-04-11T09:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32491"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/rankology-seo-all-in-one-seo-analytics/vulnerability/wordpress-rankology-seo-on-site-seo-2-2-3-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-43PX-GPWC-Q84V
Vulnerability from github – Published: 2026-06-08 00:30 – Updated: 2026-06-08 00:30A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collection_router.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance.
{
"affected": [],
"aliases": [
"CVE-2026-11466"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-07T23:16:42Z",
"severity": "LOW"
},
"details": "A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collection_router.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance.",
"id": "GHSA-43px-gpwc-q84v",
"modified": "2026-06-08T00:30:25Z",
"published": "2026-06-08T00:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11466"
},
{
"type": "WEB",
"url": "https://github.com/zilliztech/deep-searcher/issues/267"
},
{
"type": "WEB",
"url": "https://github.com/zilliztech/deep-searcher/pull/268"
},
{
"type": "WEB",
"url": "https://github.com/zilliztech/deep-searcher"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-11466"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/833652"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/369086"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/369086/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-43XJ-7J8X-M26R
Vulnerability from github – Published: 2024-11-04 18:31 – Updated: 2024-11-04 18:31A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure contains confusing vulnerability classes and file names.
{
"affected": [],
"aliases": [
"CVE-2024-10766"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-434"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-04T18:15:04Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure contains confusing vulnerability classes and file names.",
"id": "GHSA-43xj-7j8x-m26r",
"modified": "2024-11-04T18:31:22Z",
"published": "2024-11-04T18:31:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10766"
},
{
"type": "WEB",
"url": "https://github.com/Charlotte008/cve/issues/3"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.282953"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.282953"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.436478"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-447Q-FG75-99R5
Vulnerability from github – Published: 2026-05-19 06:30 – Updated: 2026-05-19 06:30A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface.
{
"affected": [],
"aliases": [
"CVE-2026-22069"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-19T04:16:25Z",
"severity": "HIGH"
},
"details": "A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface.",
"id": "GHSA-447q-fg75-99r5",
"modified": "2026-05-19T06:30:28Z",
"published": "2026-05-19T06:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22069"
},
{
"type": "WEB",
"url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-2056566978633801728"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-44CF-CPPV-QCVQ
Vulnerability from github – Published: 2025-01-02 15:31 – Updated: 2025-01-02 15:31A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2024-13108"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-02T13:15:06Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-44cf-cppv-qcvq",
"modified": "2025-01-02T15:31:57Z",
"published": "2025-01-02T15:31:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13108"
},
{
"type": "WEB",
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2NetSniper.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.289924"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.289924"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.472088"
},
{
"type": "WEB",
"url": "https://www.dlink.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-44VH-88M4-PH9W
Vulnerability from github – Published: 2025-02-14 12:31 – Updated: 2025-02-14 12:31This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other user accounts.
{
"affected": [],
"aliases": [
"CVE-2025-26523"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-14T12:15:29Z",
"severity": "HIGH"
},
"details": "This vulnerability exists in RupeeWeb trading platform due to insufficient authorization controls on certain API endpoints handling addition and deletion operations. Successful exploitation of this vulnerability could allow an authenticated remote attacker to modify information belonging to other user accounts.",
"id": "GHSA-44vh-88m4-ph9w",
"modified": "2025-02-14T12:31:38Z",
"published": "2025-02-14T12:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26523"
},
{
"type": "WEB",
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01\u0026VLCODE=CIVN-2025-0020"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-457R-J4JW-R8C4
Vulnerability from github – Published: 2026-01-29 00:31 – Updated: 2026-01-29 00:31A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
{
"affected": [],
"aliases": [
"CVE-2026-1550"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-28T23:15:51Z",
"severity": "MODERATE"
},
"details": "A security flaw has been discovered in PHPGurukul Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.",
"id": "GHSA-457r-j4jw-r8c4",
"modified": "2026-01-29T00:31:11Z",
"published": "2026-01-29T00:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1550"
},
{
"type": "WEB",
"url": "https://github.com/rsecroot/Hospital-Management-System/blob/main/Broken%20Access%20Control.md"
},
{
"type": "WEB",
"url": "https://phpgurukul.com"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.343246"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.343246"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.739837"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.