CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-QPQ8-WXCW-X7HJ
Vulnerability from github – Published: 2025-11-06 18:32 – Updated: 2026-01-20 15:31Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46.
{
"affected": [],
"aliases": [
"CVE-2025-60243"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-11-06T16:16:07Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through \u003c= 1.2.46.",
"id": "GHSA-qpq8-wxcw-x7hj",
"modified": "2026-01-20T15:31:50Z",
"published": "2025-11-06T18:32:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60243"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/selling-commander-connector/vulnerability/wordpress-selling-commander-for-woocommerce-plugin-1-2-46-privilege-escalation-vulnerability?_s_id=cve"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/selling-commander-connector/vulnerability/wordpress-selling-commander-for-woocommerce-plugin-1-2-46-privilege-escalation-vulnerability"
},
{
"type": "WEB",
"url": "https://vdp.patchstack.com/database/Wordpress/Plugin/selling-commander-connector/vulnerability/wordpress-selling-commander-for-woocommerce-plugin-1-2-46-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QPXX-2CWH-R5VH
Vulnerability from github – Published: 2025-05-26 09:30 – Updated: 2025-06-04 21:04A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.0 is able to address this issue. The patch is named 14b4cae704a0bb4eb6723e238f25382d847a1917. It is recommended to upgrade the affected component.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "pypickle"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-5175"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": true,
"github_reviewed_at": "2025-05-27T19:54:23Z",
"nvd_published_at": "2025-05-26T08:15:19Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as critical. This affects the function Save of the file pypickle/pypickle.py. The manipulation leads to improper authorization. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.0 is able to address this issue. The patch is named 14b4cae704a0bb4eb6723e238f25382d847a1917. It is recommended to upgrade the affected component.",
"id": "GHSA-qpxx-2cwh-r5vh",
"modified": "2025-06-04T21:04:25Z",
"published": "2025-05-26T09:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5175"
},
{
"type": "WEB",
"url": "https://github.com/erdogant/pypickle/issues/3"
},
{
"type": "WEB",
"url": "https://github.com/erdogant/pypickle/issues/3#issue-3070689116"
},
{
"type": "WEB",
"url": "https://github.com/erdogant/pypickle/issues/3#issuecomment-2888589652"
},
{
"type": "WEB",
"url": "https://github.com/erdogant/pypickle/commit/14b4cae704a0bb4eb6723e238f25382d847a1917"
},
{
"type": "WEB",
"url": "https://github.com/PrinceRaj-0/Vulnerability-Disclosure/blob/main/CVE-2025-5175.md"
},
{
"type": "PACKAGE",
"url": "https://github.com/erdogant/pypickle"
},
{
"type": "WEB",
"url": "https://github.com/erdogant/pypickle/releases/tag/2.0.0"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/pypickle/PYSEC-2025-46.yaml"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.310263"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.310263"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.579824"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "pypickle Incorrect Privilege Assignment vulnerability"
}
GHSA-QQX5-RXFW-Q347
Vulnerability from github – Published: 2025-08-10 06:30 – Updated: 2025-08-10 06:30A vulnerability, which was classified as critical, was found in LitmusChaos Litmus up to 3.19.0. This affects an unknown part of the file /auth/login. The manipulation of the argument projectID leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-8795"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-10T06:15:25Z",
"severity": "MODERATE"
},
"details": "A vulnerability, which was classified as critical, was found in LitmusChaos Litmus up to 3.19.0. This affects an unknown part of the file /auth/login. The manipulation of the argument projectID leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-qqx5-rxfw-q347",
"modified": "2025-08-10T06:30:28Z",
"published": "2025-08-10T06:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8795"
},
{
"type": "WEB",
"url": "https://github.com/MaiqueSilva/VulnDB/blob/main/readme05.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.319323"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.319323"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.625984"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QRHC-F2QM-32M6
Vulnerability from github – Published: 2025-05-02 15:31 – Updated: 2025-05-02 15:31Incorrect privilege assignment in PAM JIT elevation feature in Devolutions Server 2025.1.5.0 and earlier allows a PAM user to elevate a previously configured user configured in a PAM JIT account via failure to update the internal account’s SID when updating the username.
{
"affected": [],
"aliases": [
"CVE-2025-3517"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-01T19:15:58Z",
"severity": "MODERATE"
},
"details": "Incorrect privilege assignment in PAM JIT elevation feature in Devolutions Server 2025.1.5.0 and earlier allows a PAM user to elevate a previously configured user configured in a PAM JIT account via failure to update the internal account\u2019s SID when updating the username.",
"id": "GHSA-qrhc-f2qm-32m6",
"modified": "2025-05-02T15:31:45Z",
"published": "2025-05-02T15:31:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3517"
},
{
"type": "WEB",
"url": "https://devolutions.net/security/advisories/DEVO-2025-0006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-QV39-5MWF-4PJ2
Vulnerability from github – Published: 2026-02-24 21:31 – Updated: 2026-02-24 21:31NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges.
{
"affected": [],
"aliases": [
"CVE-2025-33179"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-02-24T20:27:42Z",
"severity": "HIGH"
},
"details": "NVIDIA Cumulus Linux and NVOS products contain a vulnerability in the NVUE interface, where a low-privileged user could run an unauthorized command. A successful exploit of this vulnerability might lead to escalation of privileges.",
"id": "GHSA-qv39-5mwf-4pj2",
"modified": "2026-02-24T21:31:46Z",
"published": "2026-02-24T21:31:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-33179"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5722"
},
{
"type": "WEB",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33179"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QV7F-CX6J-FR56
Vulnerability from github – Published: 2025-01-02 12:32 – Updated: 2025-01-02 12:32A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2024-13102"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-02T10:15:06Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-qv7f-cx6j-fr56",
"modified": "2025-01-02T12:32:10Z",
"published": "2025-01-02T12:32:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13102"
},
{
"type": "WEB",
"url": "https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-816/DDNS.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.289918"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.289918"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.472074"
},
{
"type": "WEB",
"url": "https://www.dlink.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QVH6-JH7V-8FMR
Vulnerability from github – Published: 2025-03-17 06:30 – Updated: 2025-03-17 06:30A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B05_20181207. Affected is the function SetDDNSSettings of the file /HNAP1/ of the component DDNS Service. The manipulation of the argument SOAPAction leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
{
"affected": [],
"aliases": [
"CVE-2025-2359"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-17T04:15:11Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B05_20181207. Affected is the function SetDDNSSettings of the file /HNAP1/ of the component DDNS Service. The manipulation of the argument SOAPAction leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.",
"id": "GHSA-qvh6-jh7v-8fmr",
"modified": "2025-03-17T06:30:25Z",
"published": "2025-03-17T06:30:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2359"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-823G-SetDDNSSettings-1ac53a41781f80d98649dd3cbe106e9b?pvs=4"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.299826"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.299826"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.513750"
},
{
"type": "WEB",
"url": "https://www.dlink.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QVJF-2RJ3-8WRG
Vulnerability from github – Published: 2026-03-09 12:31 – Updated: 2026-03-09 12:31A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results in improper authorization. The attack can be launched remotely. The exploit is now public and may be used.
{
"affected": [],
"aliases": [
"CVE-2026-3817"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-09T12:16:11Z",
"severity": "MODERATE"
},
"details": "A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. This issue affects some unknown processing of the file /patient-search.php. The manipulation results in improper authorization. The attack can be launched remotely. The exploit is now public and may be used.",
"id": "GHSA-qvjf-2rj3-8wrg",
"modified": "2026-03-09T12:31:39Z",
"published": "2026-03-09T12:31:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3817"
},
{
"type": "WEB",
"url": "https://gist.github.com/HxH404/c4c8e7ce7fe5cde98aca176fba9d7207"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.349783"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.349783"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.769535"
},
{
"type": "WEB",
"url": "https://www.sourcecodester.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-QVVR-WCMF-4V5H
Vulnerability from github – Published: 2024-01-19 21:30 – Updated: 2024-01-19 21:30A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands.
{
"affected": [],
"aliases": [
"CVE-2023-5080"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-19T20:15:12Z",
"severity": "MODERATE"
},
"details": "A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands. ",
"id": "GHSA-qvvr-wcmf-4v5h",
"modified": "2024-01-19T21:30:35Z",
"published": "2024-01-19T21:30:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5080"
},
{
"type": "WEB",
"url": "https://support.lenovo.com/us/en/product_security/LEN-142135"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-QW2G-QP82-QW5P
Vulnerability from github – Published: 2025-09-26 00:31 – Updated: 2025-09-26 00:31A vulnerability was determined in YunaiV yudao-cloud up to 2025.09. Affected by this issue is some unknown functionality of the file /crm/contact/transfer of the component HTTP Request Handler. This manipulation of the argument contactId causes improper authorization. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-10987"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-26T00:15:37Z",
"severity": "MODERATE"
},
"details": "A vulnerability was determined in YunaiV yudao-cloud up to 2025.09. Affected by this issue is some unknown functionality of the file /crm/contact/transfer of the component HTTP Request Handler. This manipulation of the argument contactId causes improper authorization. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-qw2g-qp82-qw5p",
"modified": "2025-09-26T00:31:19Z",
"published": "2025-09-26T00:31:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10987"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.325910"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.325910"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.653735"
},
{
"type": "WEB",
"url": "https://www.cnblogs.com/aibot/p/19063573"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.