CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-96M4-WXP2-5CFP
Vulnerability from github – Published: 2024-10-23 15:31 – Updated: 2024-10-23 15:31A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The affected devices contain a SUID binary that could allow an authenticated local attacker to execute arbitrary commands with root privileges.
{
"affected": [],
"aliases": [
"CVE-2024-47904"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-23T15:15:31Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions \u003c V8.2.12), InterMesh 7707 Fire Subscriber (All versions \u003c V7.2.12 only if the IP interface is enabled (which is not the default configuration)). The affected devices contain a SUID binary that could allow an authenticated local attacker to execute arbitrary commands with root privileges.",
"id": "GHSA-96m4-wxp2-5cfp",
"modified": "2024-10-23T15:31:08Z",
"published": "2024-10-23T15:31:08Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47904"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-333468.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-97MF-V96F-5JP7
Vulnerability from github – Published: 2026-02-08 03:30 – Updated: 2026-02-08 03:30A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able to resolve this issue. The patch is named 4ce181d17249778094f73d21515f7f863f554743. It is advisable to upgrade the affected component.
{
"affected": [],
"aliases": [
"CVE-2026-2206"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-08T02:15:57Z",
"severity": "MODERATE"
},
"details": "A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able to resolve this issue. The patch is named 4ce181d17249778094f73d21515f7f863f554743. It is advisable to upgrade the affected component.",
"id": "GHSA-97mf-v96f-5jp7",
"modified": "2026-02-08T03:30:27Z",
"published": "2026-02-08T03:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2206"
},
{
"type": "WEB",
"url": "https://github.com/wekan/wekan/commit/4ce181d17249778094f73d21515f7f863f554743"
},
{
"type": "WEB",
"url": "https://github.com/wekan/wekan"
},
{
"type": "WEB",
"url": "https://github.com/wekan/wekan/releases/tag/v8.21"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.344920"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.344920"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.752162"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-97QF-CPWX-Q6FW
Vulnerability from github – Published: 2025-12-18 09:30 – Updated: 2026-01-20 15:32Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through <= 1.5.8.
{
"affected": [],
"aliases": [
"CVE-2025-59134"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-18T08:16:03Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigration law, Visa services support, Migration Agent Consulting immiex allows Privilege Escalation.This issue affects Sale! Immigration law, Visa services support, Migration Agent Consulting: from n/a through \u003c= 1.5.8.",
"id": "GHSA-97qf-cpwx-q6fw",
"modified": "2026-01-20T15:32:25Z",
"published": "2025-12-18T09:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59134"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Theme/immiex/vulnerability/wordpress-sale-immigration-law-visa-services-support-migration-agent-consulting-theme-1-5-8-privilege-escalation-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Theme/immiex/vulnerability/wordpress-sale-immigration-law-visa-services-support-migration-agent-consulting-theme-1-5-8-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-97VV-P3GX-FX2F
Vulnerability from github – Published: 2026-06-17 18:35 – Updated: 2026-06-17 18:35Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
{
"affected": [],
"aliases": [
"CVE-2026-39546"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-17T13:20:19Z",
"severity": "HIGH"
},
"details": "Subscriber Privilege Escalation in MultiLoca \u003c= 4.2.15 versions.",
"id": "GHSA-97vv-p3gx-fx2f",
"modified": "2026-06-17T18:35:49Z",
"published": "2026-06-17T18:35:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39546"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/woocommerce-multi-locations-inventory-management/vulnerability/wordpress-multiloca-plugin-4-2-15-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-987X-FJ9W-984X
Vulnerability from github – Published: 2026-03-08 09:30 – Updated: 2026-03-08 09:30A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unknown function of the file /checkin.php. This manipulation of the argument patient_id causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.
{
"affected": [],
"aliases": [
"CVE-2026-3724"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-08T09:16:18Z",
"severity": "MODERATE"
},
"details": "A weakness has been identified in SourceCodester Patients Waiting Area Queue Management System 1.0. This impacts an unknown function of the file /checkin.php. This manipulation of the argument patient_id causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.",
"id": "GHSA-987x-fj9w-984x",
"modified": "2026-03-08T09:30:21Z",
"published": "2026-03-08T09:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3724"
},
{
"type": "WEB",
"url": "https://github.com/hiranerakkot/Patients-Waiting-Area-Queue-Management-System/blob/main/README.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.349700"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.349700"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.766389"
},
{
"type": "WEB",
"url": "https://www.sourcecodester.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-98XH-6HR4-2QWH
Vulnerability from github – Published: 2025-03-25 00:30 – Updated: 2025-03-25 00:30SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed.
{
"affected": [],
"aliases": [
"CVE-2025-26512"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-24T22:15:13Z",
"severity": "CRITICAL"
},
"details": "SnapCenter versions prior to \n6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an \nauthenticated SnapCenter Server user to become an admin user on a remote\n system where a SnapCenter plug-in has been installed.",
"id": "GHSA-98xh-6hr4-2qwh",
"modified": "2025-03-25T00:30:26Z",
"published": "2025-03-25T00:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26512"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/NTAP-20250324-0001"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9C29-H337-7MW5
Vulnerability from github – Published: 2025-04-29 15:31 – Updated: 2025-04-29 15:31A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/addadvertisement.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-4065"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-29T15:15:54Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/addadvertisement.php. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-9c29-h337-7mw5",
"modified": "2025-04-29T15:31:53Z",
"published": "2025-04-29T15:31:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4065"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.306502"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.306502"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.559478"
},
{
"type": "WEB",
"url": "https://www.websecurityinsights.my.id/2025/04/script-and-tools-online-travling-system_16.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9C5H-H4MJ-P5CH
Vulnerability from github – Published: 2026-06-29 03:30 – Updated: 2026-06-29 03:30A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. The attack can be initiated remotely. The attack is considered to have high complexity. It is stated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.
{
"affected": [],
"aliases": [
"CVE-2026-13524"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-29T03:16:45Z",
"severity": "LOW"
},
"details": "A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. The attack can be initiated remotely. The attack is considered to have high complexity. It is stated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.",
"id": "GHSA-9c5h-h4mj-p5ch",
"modified": "2026-06-29T03:30:52Z",
"published": "2026-06-29T03:30:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13524"
},
{
"type": "WEB",
"url": "https://github.com/CherryHQ/cherry-studio/issues/15372"
},
{
"type": "WEB",
"url": "https://github.com/CherryHQ/cherry-studio/pull/15388"
},
{
"type": "WEB",
"url": "https://github.com/CherryHQ/cherry-studio"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-13524"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/840175"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/374532"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/374532/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9CC8-CJGW-8QWX
Vulnerability from github – Published: 2025-10-07 18:31 – Updated: 2025-10-07 18:31Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
{
"affected": [],
"aliases": [
"CVE-2025-43914"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-07T18:16:00Z",
"severity": "HIGH"
},
"details": "Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.",
"id": "GHSA-9cc8-cjgw-8qwx",
"modified": "2025-10-07T18:31:11Z",
"published": "2025-10-07T18:31:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43914"
},
{
"type": "WEB",
"url": "https://www.dell.com/support/kbdoc/en-us/000376224/dsa-2025-333-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9FCC-M4P7-2RP9
Vulnerability from github – Published: 2025-03-20 18:30 – Updated: 2025-03-20 18:30A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been rated as problematic. This issue affects some unknown processing of the file /goform/formVirtualServ. The manipulation leads to improper access controls. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
{
"affected": [],
"aliases": [
"CVE-2025-2553"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T18:15:19Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been rated as problematic. This issue affects some unknown processing of the file /goform/formVirtualServ. The manipulation leads to improper access controls. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.",
"id": "GHSA-9fcc-m4p7-2rp9",
"modified": "2025-03-20T18:30:32Z",
"published": "2025-03-20T18:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2553"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formVirtualServ-1b153a41781f80b98645c3f7f4c5f4ae?pvs=4"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formVirtualServ-1b053a41781f80b28443daabf03c0825?pvs=4"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.300167"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.300167"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.516795"
},
{
"type": "WEB",
"url": "https://www.dlink.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.