Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-688C-H9C2-FFWG

Vulnerability from github – Published: 2026-03-30 18:31 – Updated: 2026-03-30 18:31
VLAI
Details

A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is told to be difficult. The identifier of the patch is f0f24a2a901cbf159260698211ab15c583ced131. To fix this issue, it is recommended to deploy a patch.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-5124"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-30T17:16:16Z",
    "severity": "MODERATE"
  },
  "details": "A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The attack is considered to have high complexity. The exploitability is told to be difficult. The identifier of the patch is f0f24a2a901cbf159260698211ab15c583ced131. To fix this issue, it is recommended to deploy a patch.",
  "id": "GHSA-688c-h9c2-ffwg",
  "modified": "2026-03-30T18:31:18Z",
  "published": "2026-03-30T18:31:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5124"
    },
    {
      "type": "WEB",
      "url": "https://github.com/osrg/gobgp/pull/3340"
    },
    {
      "type": "WEB",
      "url": "https://github.com/osrg/gobgp/commit/f0f24a2a901cbf159260698211ab15c583ced131"
    },
    {
      "type": "WEB",
      "url": "https://github.com/osrg/gobgp"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/780189"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/354156"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/354156/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-68G3-QQ95-RPV3

Vulnerability from github – Published: 2026-01-07 12:31 – Updated: 2026-04-28 21:35
VLAI
Details

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-31643"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-07T12:17:01Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0.",
  "id": "GHSA-68g3-qq95-rpv3",
  "modified": "2026-04-28T21:35:54Z",
  "published": "2026-01-07T12:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31643"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/church-management/vulnerability/wordpress-wpchurch-2-7-0-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-68WX-JP22-PW7G

Vulnerability from github – Published: 2025-03-31 15:30 – Updated: 2025-03-31 15:30
VLAI
Details

A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects unknown code of the file /goform/SysToolChangePwd of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2995"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-31T13:15:45Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects unknown code of the file /goform/SysToolChangePwd of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-68wx-jp22-pw7g",
  "modified": "2025-03-31T15:30:44Z",
  "published": "2025-03-31T15:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2995"
    },
    {
      "type": "WEB",
      "url": "https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-SysToolChangePwd-1bc53a41781f809b95a4efb617090d3c"
    },
    {
      "type": "WEB",
      "url": "https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-SysToolChangePwd-1bc53a41781f809b95a4efb617090d3c?pvs=4"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.302044"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.302044"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.523418"
    },
    {
      "type": "WEB",
      "url": "https://www.tenda.com.cn"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-69F2-6MJQ-5XCX

Vulnerability from github – Published: 2025-09-12 03:33 – Updated: 2025-09-12 03:33
VLAI
Details

A vulnerability was detected in YunaiV yudao-cloud up to 2025.09. This issue affects some unknown processing of the file /crm/receivable/submit. The manipulation of the argument ID results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10277"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-12T03:15:41Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was detected in YunaiV yudao-cloud up to 2025.09. This issue affects some unknown processing of the file /crm/receivable/submit. The manipulation of the argument ID results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-69f2-6mjq-5xcx",
  "modified": "2025-09-12T03:33:06Z",
  "published": "2025-09-12T03:33:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10277"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.323647"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.323647"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.643808"
    },
    {
      "type": "WEB",
      "url": "https://www.cnblogs.com/aibot/p/19063575"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-69QV-V93W-QXCP

Vulnerability from github – Published: 2025-07-22 21:31 – Updated: 2025-08-10 03:30
VLAI
Details

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to administrator privileges via the IsAdminApprover parameter in a Request%20Building%20Access requestSubmit API call.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-31513"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-22T20:15:25Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to administrator privileges via the IsAdminApprover parameter in a Request%20Building%20Access requestSubmit API call.",
  "id": "GHSA-69qv-v93w-qxcp",
  "modified": "2025-08-10T03:30:30Z",
  "published": "2025-07-22T21:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31513"
    },
    {
      "type": "WEB",
      "url": "https://alertenterprise.com/switch-to-guardian"
    },
    {
      "type": "WEB",
      "url": "https://alertenterprise.screenstepslive.com/a/1969949-alertenterprise-security-advisory-july-2025"
    },
    {
      "type": "WEB",
      "url": "https://x.com/pand0rausa/status/1947477020809826359"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6C95-FQC7-4P3J

Vulnerability from github – Published: 2026-06-08 09:31 – Updated: 2026-06-08 09:32
VLAI
Details

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-11494"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-08T07:16:27Z",
    "severity": "LOW"
  },
  "details": "A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.",
  "id": "GHSA-6c95-fqc7-4p3j",
  "modified": "2026-06-08T09:32:00Z",
  "published": "2026-06-08T09:31:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11494"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-11494"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/834819"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369114"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369114/cti"
    },
    {
      "type": "WEB",
      "url": "https://www.notion.so/TOTOLink-AC1200T8-V4-1-5cu-8611-3671f5ba989080a6aa03e6adbdd1d104?source=copy_link"
    },
    {
      "type": "WEB",
      "url": "https://www.totolink.net"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-6F4X-X656-Q884

Vulnerability from github – Published: 2023-04-12 15:30 – Updated: 2026-04-08 18:32
VLAI
Details

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wpda_role[]' parameter during a profile update. This requires the 'Enable role management' setting to be enabled for the site.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1874"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-12T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiple_roles_update function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the \u0027wpda_role[]\u0027 parameter during a profile update. This requires the \u0027Enable role management\u0027 setting to be enabled for the site.",
  "id": "GHSA-6f4x-x656-q884",
  "modified": "2026-04-08T18:32:04Z",
  "published": "2023-04-12T15:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1874"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/wp-data-access/tags/5.3.7/WPDataRoles/WPDA_Roles.php#L50"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/wp-data-access/tags/5.3.8/WPDataRoles/WPDA_Roles.php#L23"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/wp-data-access/tags/5.3.8/WPDataRoles/WPDA_Roles.php#L50"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/blog/2023/04/privilege-escalation-vulnerability-patched-promptly-in-wp-data-access-wordpress-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8f562e33-2aef-46f0-8a65-691155ede9e7?source=cve"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/171825/WordPress-WP-Data-Access-5.3.7-Privilege-Escalation.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6FVR-66P3-3QJ4

Vulnerability from github – Published: 2026-07-02 16:05 – Updated: 2026-07-02 16:05
VLAI
Summary
OpenClaw: Hook-triggered CLI runs could receive owner MCP tool authority
Details

Summary

OpenClaw hook ingress can start automated agent runs using a configured hook token. In affected releases, a hook-triggered run could select a bundled CLI backend that received owner-scoped MCP loopback authority instead of a scope appropriate for hook ingress.

This issue affects the boundary between hook-token automation and owner-only MCP tools. It does not affect deployments with hooks disabled.

Affected configurations

This affects deployments where hooks are enabled, /hooks/agent is reachable with a valid hook token, and a bundled CLI backend can be selected for the hook-triggered run.

Impact

A caller with the hook token could cause the spawned CLI runtime to see or call MCP tools that should have been owner-only. The practical impact depends on which MCP tools are available; the reported proof used persistent cron state as a representative owner-only action.

Patched Versions

The first stable patched version is 2026.5.20.

Fixed in the 2026.5.20 stable release.

Mitigations

Upgrade to openclaw@2026.5.20 or later. Keep hook tokens secret, restrict network access to hook endpoints, and disable hooks when they are not needed.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openclaw"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2026.5.20"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-53814"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-266",
      "CWE-284"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-02T16:05:03Z",
    "nvd_published_at": "2026-06-11T21:16:23Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nOpenClaw hook ingress can start automated agent runs using a configured hook token. In affected releases, a hook-triggered run could select a bundled CLI backend that received owner-scoped MCP loopback authority instead of a scope appropriate for hook ingress.\n\nThis issue affects the boundary between hook-token automation and owner-only MCP tools. It does not affect deployments with hooks disabled.\n\n### Affected configurations\n\nThis affects deployments where hooks are enabled, `/hooks/agent` is reachable with a valid hook token, and a bundled CLI backend can be selected for the hook-triggered run.\n\n### Impact\n\nA caller with the hook token could cause the spawned CLI runtime to see or call MCP tools that should have been owner-only. The practical impact depends on which MCP tools are available; the reported proof used persistent cron state as a representative owner-only action.\n\n### Patched Versions\n\nThe first stable patched version is `2026.5.20`.\n\nFixed in the `2026.5.20` stable release.\n\n### Mitigations\n\nUpgrade to `openclaw@2026.5.20` or later. Keep hook tokens secret, restrict network access to hook endpoints, and disable hooks when they are not needed.",
  "id": "GHSA-6fvr-66p3-3qj4",
  "modified": "2026-07-02T16:05:03Z",
  "published": "2026-07-02T16:05:03Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/openclaw/openclaw/security/advisories/GHSA-6fvr-66p3-3qj4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53814"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/openclaw/openclaw"
    },
    {
      "type": "WEB",
      "url": "https://www.vulncheck.com/advisories/openclaw-privilege-escalation-via-hook-triggered-cli-mcp-tool-authority"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenClaw: Hook-triggered CLI runs could receive owner MCP tool authority"
}

GHSA-6FWV-2GRG-RCPX

Vulnerability from github – Published: 2024-07-02 09:32 – Updated: 2024-07-02 09:32
VLAI
Details

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Elevation of privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-37132"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-02T08:15:05Z",
    "severity": "MODERATE"
  },
  "details": "Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Elevation of privileges.",
  "id": "GHSA-6fwv-2grg-rcpx",
  "modified": "2024-07-02T09:32:06Z",
  "published": "2024-07-02T09:32:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37132"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000226569/dsa-2024-255-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-6G8V-P5HP-PMC2

Vulnerability from github – Published: 2025-12-18 21:31 – Updated: 2025-12-18 21:31
VLAI
Details

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-14889"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-18T20:15:55Z",
    "severity": "MODERATE"
  },
  "details": "A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.",
  "id": "GHSA-6g8v-p5hp-pmc2",
  "modified": "2025-12-18T21:31:43Z",
  "published": "2025-12-18T21:31:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14889"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/nikstudy576-maker/82e1e1ede9b848880aa09b87b92bc22c"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.337378"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.337378"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.715643"
    },
    {
      "type": "WEB",
      "url": "https://www.campcodes.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.