CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-9JRF-J929-6MVJ
Vulnerability from github – Published: 2026-04-05 15:31 – Updated: 2026-04-05 15:31A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown function of the file /Technostrobe/ of the component Endpoint. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been made public and could be used. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-5569"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-05T14:16:17Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown function of the file /Technostrobe/ of the component Endpoint. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been made public and could be used. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-9jrf-j929-6mvj",
"modified": "2026-04-05T15:31:54Z",
"published": "2026-04-05T15:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5569"
},
{
"type": "WEB",
"url": "https://github.com/shiky8/my--cve-vulnerability-research/blob/main/my_VulnDB_cves/CVE-TECHNOSTROBE-01-BrokenAccessControl.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/783322"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/355339"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/355339/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9M6P-W8RP-5V54
Vulnerability from github – Published: 2026-06-02 00:31 – Updated: 2026-06-02 00:31A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2026-10294"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-01T22:16:24Z",
"severity": "LOW"
},
"details": "A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-9m6p-w8rp-5v54",
"modified": "2026-06-02T00:31:57Z",
"published": "2026-06-02T00:31:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10294"
},
{
"type": "WEB",
"url": "https://github.com/PackageKit/PackageKit/issues/969"
},
{
"type": "WEB",
"url": "https://github.com/PackageKit/PackageKit"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-10294"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/826470"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367587"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367587/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9MRJ-RVVJ-725Q
Vulnerability from github – Published: 2025-07-01 21:32 – Updated: 2025-07-02 15:30Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks.
{
"affected": [],
"aliases": [
"CVE-2025-45006"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-01T20:15:24Z",
"severity": "CRITICAL"
},
"details": "Improper mstatus.SUM bit retention (non-zero) in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks.",
"id": "GHSA-9mrj-rvvj-725q",
"modified": "2025-07-02T15:30:35Z",
"published": "2025-07-01T21:32:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45006"
},
{
"type": "WEB",
"url": "https://github.com/chipsalliance/rocket-chip.git"
},
{
"type": "WEB",
"url": "https://github.com/heyfenny/Vulnerability_disclosure/blob/main/RISCV/Rocket-chip/CVE-2025-45006/details.md"
},
{
"type": "WEB",
"url": "https://lf-riscv.atlassian.net/wiki/spaces/HOME/pages/16154769/RISC-V+Technical+Specifications#ISA-Specifications"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9P2V-4VFH-GQ79
Vulnerability from github – Published: 2025-03-05 00:30 – Updated: 2025-03-05 00:30GMOD Apollo does not have sufficient logical or access checks when updating a user's information. This could result in an attacker being able to escalate privileges for themselves or others.
{
"affected": [],
"aliases": [
"CVE-2025-21092"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-05T00:15:38Z",
"severity": "HIGH"
},
"details": "GMOD Apollo does not have sufficient logical or access checks when updating a user\u0027s information. This could result in an attacker being able to escalate privileges for themselves or others.",
"id": "GHSA-9p2v-4vfh-gq79",
"modified": "2025-03-05T00:30:35Z",
"published": "2025-03-05T00:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21092"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-07"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9Q77-GQXJ-Q9GX
Vulnerability from github – Published: 2026-06-26 15:32 – Updated: 2026-06-26 15:32Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
{
"affected": [],
"aliases": [
"CVE-2026-56008"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-26T15:16:41Z",
"severity": "HIGH"
},
"details": "Contributor Privilege Escalation in Fusion Builder \u003c= 3.15.4 versions.",
"id": "GHSA-9q77-gqxj-q9gx",
"modified": "2026-06-26T15:32:15Z",
"published": "2026-06-26T15:32:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56008"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/fusion-builder/vulnerability/wordpress-fusion-builder-plugin-3-15-4-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-9Q7C-XVPP-WW7R
Vulnerability from github – Published: 2025-06-02 06:30 – Updated: 2025-06-02 06:30A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin-cp/permalinks of the component Permalinks Page. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-5427"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-02T04:15:44Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin-cp/permalinks of the component Permalinks Page. The manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-9q7c-xvpp-ww7r",
"modified": "2025-06-02T06:30:32Z",
"published": "2025-06-02T06:30:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5427"
},
{
"type": "WEB",
"url": "https://github.com/Cyber-Wo0dy/report/blob/main/juzawebcms/3.4.2/juzawebcms_unprivileged_user_acess_modify_permalinks.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.310760"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.310760"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.584055"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9QJ5-FXQG-6G9P
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2024-04-22 18:30A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
{
"affected": [],
"aliases": [
"CVE-2020-14318"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-03T16:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.",
"id": "GHSA-9qj5-fxqg-6g9p",
"modified": "2024-04-22T18:30:46Z",
"published": "2022-05-24T17:35:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14318"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892631"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202012-24"
},
{
"type": "WEB",
"url": "https://www.samba.org/samba/security/CVE-2020-14318.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9QQM-G68P-FHHP
Vulnerability from github – Published: 2026-06-29 00:31 – Updated: 2026-06-29 00:31A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
{
"affected": [],
"aliases": [
"CVE-2026-13511"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-28T23:16:48Z",
"severity": "LOW"
},
"details": "A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.",
"id": "GHSA-9qqm-g68p-fhhp",
"modified": "2026-06-29T00:31:40Z",
"published": "2026-06-29T00:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-13511"
},
{
"type": "WEB",
"url": "https://github.com/VoltAgent/voltagent/issues/1315"
},
{
"type": "WEB",
"url": "https://github.com/VoltAgent/voltagent/pull/1317"
},
{
"type": "WEB",
"url": "https://github.com/VoltAgent/voltagent"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-13511"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/838873"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/374519"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/374519/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-9R29-3WX2-Q747
Vulnerability from github – Published: 2025-06-04 21:31 – Updated: 2025-06-04 21:31An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint.
{
"affected": [],
"aliases": [
"CVE-2025-46203"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-04T20:15:23Z",
"severity": "MODERATE"
},
"details": "An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint.",
"id": "GHSA-9r29-3wx2-q747",
"modified": "2025-06-04T21:31:15Z",
"published": "2025-06-04T21:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46203"
},
{
"type": "WEB",
"url": "https://github.com/changeweb/Unifiedtransform"
},
{
"type": "WEB",
"url": "https://github.com/spbavarva/CVE-2025-46203"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-9R2V-R8JF-9PRP
Vulnerability from github – Published: 2026-05-08 06:32 – Updated: 2026-05-08 21:31NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks.
{
"affected": [],
"aliases": [
"CVE-2026-8148"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-08T05:16:12Z",
"severity": "HIGH"
},
"details": "NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\\SYSTEM via registry manipulation due to improper privilege checks.",
"id": "GHSA-9r2v-r8jf-9prp",
"modified": "2026-05-08T21:31:23Z",
"published": "2026-05-08T06:32:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8148"
},
{
"type": "WEB",
"url": "https://cve.naver.com/detail/cve-2026-8148.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.