Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-28WF-Q2M6-RJGV

Vulnerability from github – Published: 2025-06-06 09:30 – Updated: 2025-06-06 09:30
VLAI
Details

Vulnerability of improper permission assignment in the note sharing module Impact: Successful exploitation of this vulnerability may affect availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-48911"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-06T07:15:26Z",
    "severity": "HIGH"
  },
  "details": "Vulnerability of improper permission assignment in the note sharing module\nImpact: Successful exploitation of this vulnerability may affect availability.",
  "id": "GHSA-28wf-q2m6-rjgv",
  "modified": "2025-06-06T09:30:24Z",
  "published": "2025-06-06T09:30:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48911"
    },
    {
      "type": "WEB",
      "url": "https://consumer.huawei.com/en/support/bulletin/2025/6"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-295X-34P8-7Q26

Vulnerability from github – Published: 2024-07-15 09:36 – Updated: 2024-07-16 18:31
VLAI
Details

An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting 'RequiredLock' of 'AgentFrontend::Ticket::InlineEditing::Property###Watch' in the system configuration.This issue affects OTRS: 

  • 8.0.X
  • 2023.X
  • from 2024.X through 2024.4.x
Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-23794"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-15T08:15:02Z",
    "severity": "CRITICAL"
  },
  "details": "An incorrect privilege assignment vulnerability in the inline editing functionality of OTRS can lead to privilege escalation. This flaw allows an agent with read-only permissions to gain full access to a ticket. This issue arises in very rare instances when an admin has previously enabled the setting \u0027RequiredLock\u0027 of \u0027AgentFrontend::Ticket::InlineEditing::Property###Watch\u0027 in the system configuration.This issue affects OTRS:\u00a0\n\n  *  8.0.X\n  *  2023.X\n  *  from 2024.X through 2024.4.x\n\n",
  "id": "GHSA-295x-34p8-7q26",
  "modified": "2024-07-16T18:31:42Z",
  "published": "2024-07-15T09:36:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23794"
    },
    {
      "type": "WEB",
      "url": "https://otrs.com/release-notes/otrs-security-advisory-2024-06"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-29QG-J923-RV8R

Vulnerability from github – Published: 2024-11-12 03:30 – Updated: 2024-11-12 03:30
VLAI
Details

An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-47595"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-12T01:15:05Z",
    "severity": "MODERATE"
  },
  "details": "An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentiality and integrity of the application.",
  "id": "GHSA-29qg-j923-rv8r",
  "modified": "2024-11-12T03:30:48Z",
  "published": "2024-11-12T03:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47595"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3509619"
    },
    {
      "type": "WEB",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2C38-3WJV-55HM

Vulnerability from github – Published: 2025-04-07 15:31 – Updated: 2025-04-07 15:31
VLAI
Details

A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Registration Handler. The manipulation of the argument email leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3298"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-05T11:15:40Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Registration Handler. The manipulation of the argument email leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-2c38-3wjv-55hm",
  "modified": "2025-04-07T15:31:10Z",
  "published": "2025-04-07T15:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3298"
    },
    {
      "type": "WEB",
      "url": "https://github.com/foreverfeifei/cve/blob/main/user.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.303493"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.303493"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.550010"
    },
    {
      "type": "WEB",
      "url": "https://www.sourcecodester.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2CQ9-P3HH-4X7F

Vulnerability from github – Published: 2025-12-18 09:30 – Updated: 2026-01-20 15:32
VLAI
Details

Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through <= 1.4.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-58710"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-18T08:15:57Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listing hotel-listing allows Privilege Escalation.This issue affects Hotel Listing: from n/a through \u003c= 1.4.0.",
  "id": "GHSA-2cq9-p3hh-4x7f",
  "modified": "2026-01-20T15:32:22Z",
  "published": "2025-12-18T09:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58710"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/hotel-listing/vulnerability/wordpress-hotel-listing-plugin-1-4-0-privilege-escalation-vulnerability?_s_id=cve"
    },
    {
      "type": "WEB",
      "url": "https://vdp.patchstack.com/database/Wordpress/Plugin/hotel-listing/vulnerability/wordpress-hotel-listing-plugin-1-4-0-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2FJ9-FC6X-HGW7

Vulnerability from github – Published: 2025-04-30 15:30 – Updated: 2025-04-30 15:30
VLAI
Details

A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-4119"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266",
      "CWE-639"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-30T14:15:31Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-2fj9-fc6x-hgw7",
  "modified": "2025-04-30T15:30:49Z",
  "published": "2025-04-30T15:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4119"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.306604"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.306604"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.560778"
    },
    {
      "type": "WEB",
      "url": "https://www.cnblogs.com/aibot/p/18830908"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2FPQ-M96X-2XGF

Vulnerability from github – Published: 2026-02-05 00:31 – Updated: 2026-02-23 12:31
VLAI
Details

A flaw has been found in WeKan up to 8.20. Affected is the function applyWipLimit of the file models/lists.js of the component Attachment Storage Handler. Executing a manipulation can lead to improper access controls. The attack can be executed remotely. Upgrading to version 8.21 is able to address this issue. This patch is called 8c0b4f79d8582932528ec2fdf2a4487c86770fb9. It is recommended to upgrade the affected component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-1895"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-04T23:15:55Z",
    "severity": "MODERATE"
  },
  "details": "A flaw has been found in WeKan up to 8.20. Affected is the function applyWipLimit of the file models/lists.js of the component Attachment Storage Handler. Executing a manipulation can lead to improper access controls. The attack can be executed remotely. Upgrading to version 8.21 is able to address this issue. This patch is called 8c0b4f79d8582932528ec2fdf2a4487c86770fb9. It is recommended to upgrade the affected component.",
  "id": "GHSA-2fpq-m96x-2xgf",
  "modified": "2026-02-23T12:31:29Z",
  "published": "2026-02-05T00:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1895"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wekan/wekan/commit/8c0b4f79d8582932528ec2fdf2a4487c86770fb9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wekan/wekan"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wekan/wekan/releases/tag/v8.21"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.344267"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.344267"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.742666"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.742679"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2G53-8J24-X4MG

Vulnerability from github – Published: 2026-06-06 18:30 – Updated: 2026-06-06 18:30
VLAI
Details

A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/{projectId}/default-branch of the component REST API. This manipulation of the argument project.defaultBranch causes improper authorization. It is possible to initiate the attack remotely. Upgrading to version 15.0.6 is able to mitigate this issue. Upgrading the affected component is advised.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-11440"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-06T18:16:53Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was determined in theonedev onedev up to 15.0.5. This affects an unknown part of the file /repositories/{projectId}/default-branch of the component REST API. This manipulation of the argument project.defaultBranch causes improper authorization. It is possible to initiate the attack remotely. Upgrading to version 15.0.6 is able to mitigate this issue. Upgrading the affected component is advised.",
  "id": "GHSA-2g53-8j24-x4mg",
  "modified": "2026-06-06T18:30:22Z",
  "published": "2026-06-06T18:30:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11440"
    },
    {
      "type": "WEB",
      "url": "https://github.com/theonedev/onedev/releases/tag/v15.0.6"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-11440"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/822956"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369020"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369020/cti"
    },
    {
      "type": "WEB",
      "url": "https://www.cnblogs.com/aibot/p/19994142"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2GMR-G5V4-9CCH

Vulnerability from github – Published: 2024-12-19 15:31 – Updated: 2024-12-19 15:31
VLAI
Details

A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. This product is not affiliated with the company Adobe.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-12786"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-19T15:15:06Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. This product is not affiliated with the company Adobe.",
  "id": "GHSA-2gmr-g5v4-9cch",
  "modified": "2024-12-19T15:31:11Z",
  "published": "2024-12-19T15:31:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12786"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.288966"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.288966"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.464685"
    },
    {
      "type": "WEB",
      "url": "https://winslow1984.com/books/cve-collection/page/adobe-downloader-131-local-privilege-escalation"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2GW8-X645-QVJJ

Vulnerability from github – Published: 2025-11-22 00:31 – Updated: 2025-11-22 00:31
VLAI
Details

Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible. Exploitation does not grant full system control, but it may enable unauthorized changes to project configurations or access to system sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0504"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-21T22:16:17Z",
    "severity": "MODERATE"
  },
  "details": "Black Duck SCA versions prior to 2025.10.0 had user role permissions configured in an overly broad manner. Users with the scoped Project Manager user role with the Global User Read access permission enabled access to certain Project Administrator functionalities which should have be inaccessible. Exploitation does not grant full system control, but it may enable unauthorized changes to project configurations or access to system sensitive information.",
  "id": "GHSA-2gw8-x645-qvjj",
  "modified": "2025-11-22T00:31:20Z",
  "published": "2025-11-22T00:31:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0504"
    },
    {
      "type": "WEB",
      "url": "https://community.blackduck.com/s/article/Black-Duck-Product-Security-Advisory-CVE-2025-0504"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.