Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-R38F-QM5H-P64X

Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-06-26 21:31
VLAI
Details

NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-23260"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-24T18:15:24Z",
    "severity": "MODERATE"
  },
  "details": "NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.",
  "id": "GHSA-r38f-qm5h-p64x",
  "modified": "2025-06-26T21:31:10Z",
  "published": "2025-06-26T21:31:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23260"
    },
    {
      "type": "WEB",
      "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5660"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R3FW-G849-9J8V

Vulnerability from github – Published: 2025-04-14 21:32 – Updated: 2025-04-14 21:32
VLAI
Details

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3587"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-14T20:15:19Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-r3fw-g849-9j8v",
  "modified": "2025-04-14T21:32:24Z",
  "published": "2025-04-14T21:32:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3587"
    },
    {
      "type": "WEB",
      "url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/ZeroWdd-studentmanager-authority.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.304642"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.304642"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.550129"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R4FQ-Q33J-5QH6

Vulnerability from github – Published: 2025-08-20 09:30 – Updated: 2026-04-01 18:35
VLAI
Details

Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation. This issue affects CubeWP Framework: from n/a through 1.1.24.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-54735"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-20T08:15:49Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation. This issue affects CubeWP Framework: from n/a through 1.1.24.",
  "id": "GHSA-r4fq-q33j-5qh6",
  "modified": "2026-04-01T18:35:57Z",
  "published": "2025-08-20T09:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54735"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/cubewp-framework/vulnerability/wordpress-cubewp-framework-plugin-1-1-24-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R53H-9RRM-9PQR

Vulnerability from github – Published: 2025-09-17 18:31 – Updated: 2025-09-17 18:31
VLAI
Details

A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-9760"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-01T05:15:41Z",
    "severity": "MODERATE"
  },
  "details": "A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.",
  "id": "GHSA-r53h-9rrm-9pqr",
  "modified": "2025-09-17T18:31:17Z",
  "published": "2025-09-17T18:31:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9760"
    },
    {
      "type": "WEB",
      "url": "https://github.com/marcelomulder/CVE/blob/main/i-educar/Broken%20Function%20Level%20Authorization%20on%20%60matricula%60%20API%20allows%20deletion%20of%20%E2%80%9Cabandono%E2%80%9D%20status.md#proof-of-concept-poc"
    },
    {
      "type": "WEB",
      "url": "https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-9760.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.322061"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.322061"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.640690"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.643575"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.648827"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R58Q-XQ2P-RF3W

Vulnerability from github – Published: 2025-04-25 21:31 – Updated: 2025-04-29 18:30
VLAI
Details

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-32980"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-25T21:15:38Z",
    "severity": "CRITICAL"
  },
  "details": "NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.",
  "id": "GHSA-r58q-xq2p-rf3w",
  "modified": "2025-04-29T18:30:55Z",
  "published": "2025-04-25T21:31:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32980"
    },
    {
      "type": "WEB",
      "url": "https://www.netscout.com/securityadvisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R593-VH4Q-G7MV

Vulnerability from github – Published: 2026-04-14 09:30 – Updated: 2026-04-14 09:30
VLAI
Details

A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-27668"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-14T09:16:35Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions \u003c V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level.",
  "id": "GHSA-r593-vh4q-g7mv",
  "modified": "2026-04-14T09:30:45Z",
  "published": "2026-04-14T09:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27668"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-741509.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R5CH-RMJX-G82V

Vulnerability from github – Published: 2025-09-23 00:32 – Updated: 2025-09-23 00:32
VLAI
Details

A vulnerability was detected in fuyang_lipengjun platform 1.0. Impacted is the function TopicController of the file /topic/queryAll. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-10820"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-22T23:15:36Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was detected in fuyang_lipengjun platform 1.0. Impacted is the function TopicController of the file /topic/queryAll. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used.",
  "id": "GHSA-r5ch-rmjx-g82v",
  "modified": "2025-09-23T00:32:03Z",
  "published": "2025-09-23T00:32:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10820"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.325177"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.325177"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.653741"
    },
    {
      "type": "WEB",
      "url": "https://www.cnblogs.com/aibot/p/19063465"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R5RF-J64W-28QC

Vulnerability from github – Published: 2024-11-12 15:30 – Updated: 2024-11-12 15:30
VLAI
Details

A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-29119"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-12T13:15:07Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability has been identified in Spectrum Power 7 (All versions \u003c V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.",
  "id": "GHSA-r5rf-j64w-28qc",
  "modified": "2024-11-12T15:30:41Z",
  "published": "2024-11-12T15:30:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29119"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-616032.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-R5W8-HF4H-F29V

Vulnerability from github – Published: 2024-02-13 09:30 – Updated: 2024-10-22 18:32
VLAI
Details

Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than the attacker by sending a specially crafted packet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6815"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-13T07:15:46Z",
    "severity": "MODERATE"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than the attacker by sending a specially crafted packet.",
  "id": "GHSA-r5w8-hf4h-f29v",
  "modified": "2024-10-22T18:32:04Z",
  "published": "2024-02-13T09:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6815"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU95085830/index.html"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-044-01"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-021_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R6HQ-8QVX-XRXP

Vulnerability from github – Published: 2025-05-19 21:30 – Updated: 2026-04-01 18:35
VLAI
Details

Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This issue affects WPAMS: from n/a through 44.0 (17-08-2023).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-39405"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-19T19:15:48Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This issue affects WPAMS: from n/a through 44.0 (17-08-2023).",
  "id": "GHSA-r6hq-8qvx-xrxp",
  "modified": "2026-04-01T18:35:12Z",
  "published": "2025-05-19T21:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39405"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/apartment-management/vulnerability/wordpress-wpams-plugin-44-0-17-08-2023-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.