Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-7X63-6WWC-QG67

Vulnerability from github – Published: 2025-05-26 03:30 – Updated: 2025-05-26 03:30
VLAI
Details

A vulnerability, which was classified as problematic, was found in yangshare 技术杨工 warehouseManager 仓库管理系统 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-5163"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-26T02:15:18Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability, which was classified as problematic, was found in yangshare \u6280\u672f\u6768\u5de5 warehouseManager \u4ed3\u5e93\u7ba1\u7406\u7cfb\u7edf 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-7x63-6wwc-qg67",
  "modified": "2025-05-26T03:30:25Z",
  "published": "2025-05-26T03:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5163"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sumingwjl/cve/issues/1"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.310251"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.310251"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.576315"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-7XF9-4JFC-WGM4

Vulnerability from github – Published: 2026-03-26 21:31 – Updated: 2026-04-06 16:41
VLAI
Summary
Keycloak: manage-clients permission escalates to full realm admin access
Details

A flaw was found in Keycloak. An administrator with manage-clients permission can exploit a misconfiguration where this permission is equivalent to manage-permissions. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when admin permissions are enabled at the realm level.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.keycloak:keycloak-services"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.5.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-3121"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-29T15:45:17Z",
    "nvd_published_at": "2026-03-26T19:17:06Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when admin permissions are enabled at the realm level.",
  "id": "GHSA-7xf9-4jfc-wgm4",
  "modified": "2026-04-06T16:41:13Z",
  "published": "2026-03-26T21:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3121"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak/issues/46719"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak/commit/79ab3110a257fb8d6f1a664c916687128094ed01"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:6477"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:6478"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-3121"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442277"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/keycloak/keycloak"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Keycloak: manage-clients permission escalates to full realm admin access"
}

GHSA-7XG6-2WHQ-73VV

Vulnerability from github – Published: 2025-07-28 09:31 – Updated: 2026-04-29 04:11
VLAI
Details

A vulnerability was found in Vaelsys 4.1.0 and classified as critical. This issue affects some unknown processing of the file /grid/vgrid_server.php of the component User Creation Handler. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-8261"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-28T07:15:25Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was found in Vaelsys 4.1.0 and classified as critical. This issue affects some unknown processing of the file /grid/vgrid_server.php of the component User Creation Handler. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-7xg6-2whq-73vv",
  "modified": "2026-04-29T04:11:39Z",
  "published": "2025-07-28T09:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8261"
    },
    {
      "type": "WEB",
      "url": "https://github.com/waiwai24/0101/blob/main/CVEs/Vaelsys/Unauthorized_User_Creation_Vulnerability_Exists_in_Vaelsys_V4_Platform.md"
    },
    {
      "type": "WEB",
      "url": "https://vaelsys.github.io/security-advisory/advisories/VSEC_V4_2025_07_0003.html"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.317849"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.317849"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.616924"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/616924"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/317849"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/317849/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-7XJ3-8M97-M2JR

Vulnerability from github – Published: 2025-01-02 12:32 – Updated: 2025-01-02 12:32
VLAI
Details

A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-13103"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-01-02T10:15:06Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-7xj3-8m97-m2jr",
  "modified": "2025-01-02T12:32:11Z",
  "published": "2025-01-02T12:32:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13103"
    },
    {
      "type": "WEB",
      "url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/form2AddVrtsrv.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.289919"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.289919"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.472075"
    },
    {
      "type": "WEB",
      "url": "https://www.dlink.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-82P7-64V9-FPV5

Vulnerability from github – Published: 2025-04-17 18:31 – Updated: 2026-04-01 18:34
VLAI
Details

Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat allows Privilege Escalation. This issue affects Xelion Webchat: from n/a through 9.1.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-39542"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-17T16:15:57Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Jauhari Xelion Xelion Webchat allows Privilege Escalation. This issue affects Xelion Webchat: from n/a through 9.1.0.",
  "id": "GHSA-82p7-64v9-fpv5",
  "modified": "2026-04-01T18:34:53Z",
  "published": "2025-04-17T18:31:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39542"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/xelion-webchat/vulnerability/wordpress-xelion-webchat-9-1-0-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-836R-6WMG-2QJ5

Vulnerability from github – Published: 2026-06-02 12:31 – Updated: 2026-06-02 12:31
VLAI
Details

Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation.

This issue affects Masteriyo LMS PRO: from n/a through 2.20.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-53209"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-02T10:16:19Z",
    "severity": "CRITICAL"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation.\n\nThis issue affects Masteriyo LMS PRO: from n/a through 2.20.0.",
  "id": "GHSA-836r-6wmg-2qj5",
  "modified": "2026-06-02T12:31:25Z",
  "published": "2026-06-02T12:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53209"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/learning-management-system-pro/vulnerability/wordpress-masteriyo-lms-pro-2-20-0-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-837Q-78W5-P6P8

Vulnerability from github – Published: 2025-09-05 18:31 – Updated: 2025-09-05 18:31
VLAI
Details

A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is said to be difficult. The exploit has been published and may be used. It is required to know the RSA-encrypted password of the attacked user account.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10014"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-05T18:15:37Z",
    "severity": "LOW"
  },
  "details": "A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is said to be difficult. The exploit has been published and may be used. It is required to know the RSA-encrypted password of the attacked user account.",
  "id": "GHSA-837q-78w5-p6p8",
  "modified": "2025-09-05T18:31:25Z",
  "published": "2025-09-05T18:31:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10014"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.322739"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.322739"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.643840"
    },
    {
      "type": "WEB",
      "url": "https://www.cnblogs.com/aibot/p/19063332"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-8383-GF95-58M6

Vulnerability from github – Published: 2025-05-23 06:30 – Updated: 2025-05-23 06:30
VLAI
Details

An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a low-privileged user to escalate their privilege by abusing the following API due to the lack of access control: /api/v2/users/user//role/ROLE/ (admin access can be achieved).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-48695"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-23T05:15:25Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a low-privileged user to escalate their privilege by abusing the following API due to the lack of access control: /api/v2/users/user/\u003cuser id\u003e/role/ROLE/\u003cTarget role\u003e (admin access can be achieved).",
  "id": "GHSA-8383-gf95-58m6",
  "modified": "2025-05-23T06:30:31Z",
  "published": "2025-05-23T06:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48695"
    },
    {
      "type": "WEB",
      "url": "https://github.com/michaelcheung-research/Vulnerability-Disclosure/blob/main/CVE-2025-CyberDava1/README.md?plain=1"
    },
    {
      "type": "WEB",
      "url": "https://www.cyberdava.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-83J8-7M3H-36P8

Vulnerability from github – Published: 2024-09-17 15:31 – Updated: 2024-09-17 15:31
VLAI
Details

Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This issue affects Houzez Login Register: from n/a through 3.2.5.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-21743"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-17T14:15:16Z",
    "severity": "HIGH"
  },
  "details": "Privilege Escalation vulnerability in favethemes Houzez Login Register houzez-login-register.This issue affects Houzez Login Register: from n/a through 3.2.5.",
  "id": "GHSA-83j8-7m3h-36p8",
  "modified": "2024-09-17T15:31:23Z",
  "published": "2024-09-17T15:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21743"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/vulnerability/houzez-login-register/wordpress-houzez-login-register-plugin-3-2-5-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-847C-3V8Q-4F53

Vulnerability from github – Published: 2025-03-23 03:30 – Updated: 2025-03-23 03:30
VLAI
Details

A vulnerability has been found in JIZHICMS up to 1.7.0 and classified as problematic. This vulnerability affects unknown code of the file /user/release.html of the component Article Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-2639"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-23T03:15:11Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been found in JIZHICMS up to 1.7.0 and classified as problematic. This vulnerability affects unknown code of the file /user/release.html of the component Article Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-847c-3v8q-4f53",
  "modified": "2025-03-23T03:30:34Z",
  "published": "2025-03-23T03:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2639"
    },
    {
      "type": "WEB",
      "url": "https://github.com/H3rmesk1t/vulnerability-paper/blob/main/jizhiCMS-1.7.0-Incorrect%20Access%20Control3.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.300640"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.300640"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.519634"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.