Common Weakness Enumeration

CWE-266

Allowed

Incorrect Privilege Assignment

Abstraction: Base · Status: Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

1913 vulnerabilities reference this CWE, most recent first.

GHSA-GR54-FJX7-FJ9C

Vulnerability from github – Published: 2026-06-08 18:31 – Updated: 2026-06-08 18:31
VLAI
Details

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is assessed as difficult. The exploit is publicly available and might be used.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-11555"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-08T18:16:32Z",
    "severity": "LOW"
  },
  "details": "A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is assessed as difficult. The exploit is publicly available and might be used.",
  "id": "GHSA-gr54-fjx7-fj9c",
  "modified": "2026-06-08T18:31:53Z",
  "published": "2026-06-08T18:31:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11555"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-11555"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/834824"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369165"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/369165/cti"
    },
    {
      "type": "WEB",
      "url": "https://www.dlink.com"
    },
    {
      "type": "WEB",
      "url": "https://www.notion.so/D-link-DGS-1100-08PD-v1-00-006-3670ed14e5cb80848bc4e3129dfafa29?source=copy_link"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-GV86-FJR8-GFWC

Vulnerability from github – Published: 2026-01-22 18:30 – Updated: 2026-01-28 00:31
VLAI
Details

Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Privilege Escalation.This issue affects Hospital Doctor Directory: from n/a through <= 1.3.9.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-69183"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-22T17:16:24Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in e-plugins Hospital Doctor Directory hospital-doctor-directory allows Privilege Escalation.This issue affects Hospital Doctor Directory: from n/a through \u003c= 1.3.9.",
  "id": "GHSA-gv86-fjr8-gfwc",
  "modified": "2026-01-28T00:31:39Z",
  "published": "2026-01-22T18:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69183"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/Wordpress/Plugin/hospital-doctor-directory/vulnerability/wordpress-hospital-doctor-directory-plugin-1-3-9-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GV8W-M9X9-CVQJ

Vulnerability from github – Published: 2026-02-20 18:31 – Updated: 2026-02-20 18:31
VLAI
Details

A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\InportController.java of the component Inport Endpoint. Executing a manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-2851"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-20T18:25:54Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\\repos\\warehouse\\src\\main\\java\\com\\yeqifu\\bus\\controller\\InportController.java of the component Inport Endpoint. Executing a manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.",
  "id": "GHSA-gv8w-m9x9-cvqj",
  "modified": "2026-02-20T18:31:40Z",
  "published": "2026-02-20T18:31:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2851"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yeqifu/warehouse/issues/62"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yeqifu/warehouse/issues/62#issue-3846670634"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yeqifu/warehouse"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.347087"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.347087"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.754430"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-GVRQ-2779-X2HW

Vulnerability from github – Published: 2024-10-10 03:30 – Updated: 2024-10-10 03:30
VLAI
Details

The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the 'save_metabox_form' function in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with editor-level permissions or above, to update the registration form role to administrator, which leads to privilege escalation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9519"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-10T02:15:05Z",
    "severity": "HIGH"
  },
  "details": "The UserPlus plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the \u0027save_metabox_form\u0027 function in versions up to, and including, 2.0. This makes it possible for authenticated attackers, with editor-level permissions or above, to update the registration form role to administrator, which leads to privilege escalation.",
  "id": "GHSA-gvrq-2779-x2hw",
  "modified": "2024-10-10T03:30:46Z",
  "published": "2024-10-10T03:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9519"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/userplus/trunk/admin/admin-post-metaboxes.php?rev=1627771#L62"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1148b18d-7af1-41c6-bd7f-1b2d53cb44e6?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GW66-X3Q6-F7FV

Vulnerability from github – Published: 2024-11-25 18:33 – Updated: 2024-11-25 21:30
VLAI
Details

IBM Jazz Foundation 7.0.2 and 7.0.3

could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-26280"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-25T16:15:06Z",
    "severity": "MODERATE"
  },
  "details": "IBM Jazz Foundation 7.0.2 and 7.0.3\n\n\u00a0could allow a user to change their dashboard using a specially crafted HTTP request due to improper access control.",
  "id": "GHSA-gw66-x3q6-f7fv",
  "modified": "2024-11-25T21:30:50Z",
  "published": "2024-11-25T18:33:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26280"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7176207"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GW69-97JP-C5GG

Vulnerability from github – Published: 2026-06-15 06:31 – Updated: 2026-06-15 06:31
VLAI
Details

A vulnerability has been found in hcengineering Huly Platform up to 0.7.0. Affected is the function getMailboxSecret of the file server/account/src/operations.ts of the component RPC Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-12212"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-15T04:16:25Z",
    "severity": "LOW"
  },
  "details": "A vulnerability has been found in hcengineering Huly Platform up to 0.7.0. Affected is the function getMailboxSecret of the file server/account/src/operations.ts of the component RPC Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
  "id": "GHSA-gw69-97jp-c5gg",
  "modified": "2026-06-15T06:31:38Z",
  "published": "2026-06-15T06:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12212"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/cve/CVE-2026-12212"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/submit/832973"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/370854"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/vuln/370854/cti"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-GWP7-PHFM-2677

Vulnerability from github – Published: 2026-03-25 18:31 – Updated: 2026-03-25 18:31
VLAI
Details

Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-1712"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-25T17:16:29Z",
    "severity": "MODERATE"
  },
  "details": "Incorrect privilege assignment vulnerability in HYPR Server allows Privilege Escalation.This issue affects HYPR Server: from 10.5.1 before 10.7.",
  "id": "GHSA-gwp7-phfm-2677",
  "modified": "2026-03-25T18:31:48Z",
  "published": "2026-03-25T18:31:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1712"
    },
    {
      "type": "WEB",
      "url": "https://www.hypr.com/trust-center/security-advisories"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-GWQG-29R6-J2PQ

Vulnerability from github – Published: 2024-12-13 15:30 – Updated: 2026-04-01 18:32
VLAI
Details

Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through 2.2.0.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-54293"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-13T15:15:33Z",
    "severity": "CRITICAL"
  },
  "details": "Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through 2.2.0.",
  "id": "GHSA-gwqg-29r6-j2pq",
  "modified": "2026-04-01T18:32:43Z",
  "published": "2024-12-13T15:30:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54293"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/ce21-suite/vulnerability/wordpress-ce21-suite-plugin-2-2-0-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GWR7-G7GQ-M3V3

Vulnerability from github – Published: 2025-04-04 15:31 – Updated: 2026-04-01 18:34
VLAI
Details

Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.4.2.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-31420"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-04T13:15:46Z",
    "severity": "HIGH"
  },
  "details": "Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.4.2.",
  "id": "GHSA-gwr7-g7gq-m3v3",
  "modified": "2026-04-01T18:34:28Z",
  "published": "2025-04-04T15:31:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31420"
    },
    {
      "type": "WEB",
      "url": "https://patchstack.com/database/wordpress/plugin/wpforo/vulnerability/wordpress-wpforo-forum-plugin-2-4-2-privilege-escalation-vulnerability?_s_id=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GX4P-PRHW-C28V

Vulnerability from github – Published: 2022-05-24 19:16 – Updated: 2022-10-22 12:00
VLAI
Details

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-20264"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-266",
      "CWE-269",
      "CWE-732"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-06T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
  "id": "GHSA-gx4p-prhw-c28v",
  "modified": "2022-10-22T12:00:28Z",
  "published": "2022-05-24T19:16:47Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20264"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932283"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

No CAPEC attack patterns related to this CWE.