CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-CQJH-9WGG-Q2V6
Vulnerability from github – Published: 2024-12-31 18:30 – Updated: 2024-12-31 18:30A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2024-52048"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-31T16:15:26Z",
"severity": "HIGH"
},
"details": "A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
"id": "GHSA-cqjh-9wgg-q2v6",
"modified": "2024-12-31T18:30:51Z",
"published": "2024-12-31T18:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52048"
},
{
"type": "WEB",
"url": "https://success.trendmicro.com/en-US/solution/KA-0018217"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CRP9-8XR4-FG7P
Vulnerability from github – Published: 2025-05-19 21:30 – Updated: 2026-04-28 21:35Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.
{
"affected": [],
"aliases": [
"CVE-2025-39366"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-19T20:15:24Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.",
"id": "GHSA-crp9-8xr4-fg7p",
"modified": "2026-04-28T21:35:38Z",
"published": "2025-05-19T21:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39366"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/theme/wproject/vulnerability/wordpress-wproject-theme-5-8-0-subscriber-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CRX9-Q52P-MH39
Vulnerability from github – Published: 2025-07-10 00:31 – Updated: 2025-07-30 18:31An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS and Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.
The GlobalProtect app on Windows, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.
{
"affected": [],
"aliases": [
"CVE-2025-0140"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-09T23:15:24Z",
"severity": "MODERATE"
},
"details": "An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect\u2122 App on macOS and Linux devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so.\n\nThe GlobalProtect app on Windows, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected.",
"id": "GHSA-crx9-q52p-mh39",
"modified": "2025-07-30T18:31:31Z",
"published": "2025-07-10T00:31:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0140"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2025-0140"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber",
"type": "CVSS_V4"
}
]
}
GHSA-CV9F-R9M5-V3WW
Vulnerability from github – Published: 2026-05-29 18:31 – Updated: 2026-05-29 18:31A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the GitHub issue for this vulnerability without any explanation. Afterwards the vendor was contacted early about this disclosure via email but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-10070"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-05-29T18:16:30Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the GitHub issue for this vulnerability without any explanation. Afterwards the vendor was contacted early about this disclosure via email but did not respond in any way.",
"id": "GHSA-cv9f-r9m5-v3ww",
"modified": "2026-05-29T18:31:34Z",
"published": "2026-05-29T18:31:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10070"
},
{
"type": "WEB",
"url": "https://github.com/macrozheng/mall/issues/970"
},
{
"type": "WEB",
"url": "https://github.com/macrozheng/mall"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/818384"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367156"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367156/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CV9J-VCQ6-7GCP
Vulnerability from github – Published: 2025-03-31 12:30 – Updated: 2025-03-31 12:30A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-2991"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-31T11:15:39Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-cv9j-vcq6-7gcp",
"modified": "2025-03-31T12:30:45Z",
"published": "2025-03-31T12:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2991"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-AdvSetWrlmacfilter-1bc53a41781f807d97f3d01957f442a0?pvs=4"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.302040"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.302040"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.523412"
},
{
"type": "WEB",
"url": "https://www.tenda.com.cn"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CVWW-PX7G-8933
Vulnerability from github – Published: 2026-07-05 09:30 – Updated: 2026-07-05 09:30A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.
{
"affected": [],
"aliases": [
"CVE-2026-14719"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-05T08:16:25Z",
"severity": "MODERATE"
},
"details": "A flaw has been found in SourceCodester Onlne Examination \u0026 Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The attack can be executed remotely. The exploit has been published and may be used. The name of the affected product appears to have a typo in it.",
"id": "GHSA-cvww-px7g-8933",
"modified": "2026-07-05T09:30:23Z",
"published": "2026-07-05T09:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-14719"
},
{
"type": "WEB",
"url": "https://pastebin.com/Z4i5MGxk"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-14719"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/847515"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/376307"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/376307/cti"
},
{
"type": "WEB",
"url": "https://www.sourcecodester.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CW4G-6V74-6MHC
Vulnerability from github – Published: 2026-03-05 06:30 – Updated: 2026-03-09 15:30Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through <= 1.2.38.
{
"affected": [],
"aliases": [
"CVE-2026-24963"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-05T06:16:23Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in ameliabooking Amelia ameliabooking allows Privilege Escalation.This issue affects Amelia: from n/a through \u003c= 1.2.38.",
"id": "GHSA-cw4g-6v74-6mhc",
"modified": "2026-03-09T15:30:32Z",
"published": "2026-03-05T06:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24963"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/ameliabooking/vulnerability/wordpress-amelia-plugin-1-2-38-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-CWP3-3MXC-V33W
Vulnerability from github – Published: 2025-01-28 21:31 – Updated: 2025-01-28 21:31A vulnerability, which was classified as problematic, was found in pankajindevops scale up to 20241113. This affects an unknown part of the component API Endpoint. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
{
"affected": [],
"aliases": [
"CVE-2025-0783"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-28T19:15:14Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as problematic, was found in pankajindevops scale up to 20241113. This affects an unknown part of the component API Endpoint. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.",
"id": "GHSA-cwp3-3mxc-v33w",
"modified": "2025-01-28T21:31:03Z",
"published": "2025-01-28T21:31:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0783"
},
{
"type": "WEB",
"url": "https://docs.google.com/document/d/1FCJveTlXtJd8EJRW2-LXwuhno92JaVt3_98Iqrdoc6M/edit?tab=t.0#heading=h.bbpri264qnth"
},
{
"type": "WEB",
"url": "https://drive.google.com/file/d/1KqzS5bMyPtgO9eIk_-que50tZU097RVi/view"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.293907"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.293907"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.480350"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-CXFP-7PVR-95FF
Vulnerability from github – Published: 2025-05-21 18:01 – Updated: 2025-05-28 19:45Impact
A bug was found in the containerd's CRI implementation where containerd doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node.
Patches
This bug has been fixed in containerd 2.0.5+ and 2.1.0+. Users should update to these versions to resolve the issue.
Workarounds
Disable usernamespaced pods in Kubernetes temporarily.
Credits
The containerd project would like to thank Rodrigo Campos Catelin and Piotr Rogowski for responsibly disclosing this issue in accordance with the containerd security policy.
For more information
If you have any questions or comments about this advisory:
- Open an issue in containerd
- Email us at security@containerd.io
To report a security issue in containerd: * Report a new vulnerability * Email us at security@containerd.io
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.0.4"
},
"package": {
"ecosystem": "Go",
"name": "github.com/containerd/containerd/v2"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.1"
},
{
"fixed": "2.0.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-47291"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": true,
"github_reviewed_at": "2025-05-21T18:01:48Z",
"nvd_published_at": "2025-05-21T18:15:52Z",
"severity": "MODERATE"
},
"details": "# Impact\n\nA bug was found in the containerd\u0027s CRI implementation where containerd doesn\u0027t put usernamespaced containers under the Kubernetes\u0027 cgroup hierarchy, therefore some Kubernetes limits are not honored. This may cause a denial of service of the Kubernetes node.\n\n# Patches\n\nThis bug has been fixed in containerd 2.0.5+ and 2.1.0+. Users should update to these versions to resolve the issue.\n\n# Workarounds\n\nDisable usernamespaced pods in Kubernetes temporarily.\n\n# Credits\n\nThe containerd project would like to thank Rodrigo Campos Catelin and Piotr Rogowski for responsibly disclosing this issue in accordance with the [containerd security policy](https://github.com/containerd/project/blob/main/SECURITY.md).\n\n# For more information\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at security@containerd.io\n\nTo report a security issue in containerd:\n* [Report a new vulnerability](https://github.com/containerd/containerd/security/advisories/new)\n* Email us at [security@containerd.io](mailto:security@containerd.io)",
"id": "GHSA-cxfp-7pvr-95ff",
"modified": "2025-05-28T19:45:21Z",
"published": "2025-05-21T18:01:48Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-cxfp-7pvr-95ff"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47291"
},
{
"type": "PACKAGE",
"url": "https://github.com/containerd/containerd"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2025-3701"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"type": "CVSS_V4"
}
],
"summary": "containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods."
}
GHSA-CXHM-M7WH-3QMW
Vulnerability from github – Published: 2024-12-31 15:30 – Updated: 2026-04-01 18:32Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4.
{
"affected": [],
"aliases": [
"CVE-2024-56205"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-31T13:15:08Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4.",
"id": "GHSA-cxhm-m7wh-3qmw",
"modified": "2026-04-01T18:32:54Z",
"published": "2024-12-31T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56205"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/newsletter-page-redirects/vulnerability/wordpress-ai-magic-seo-content-generator-article-writer-plugin-1-0-4-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.