CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-R38F-QM5H-P64X
Vulnerability from github – Published: 2025-06-26 21:31 – Updated: 2025-06-26 21:31NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.
{
"affected": [],
"aliases": [
"CVE-2025-23260"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-24T18:15:24Z",
"severity": "MODERATE"
},
"details": "NVIDIA AIStore contains a vulnerability in the AIS Operator where a user may gain elevated k8s cluster access by using the ServiceAccount attached to the ClusterRole. A successful exploit of this vulnerability may lead to information disclosure.",
"id": "GHSA-r38f-qm5h-p64x",
"modified": "2025-06-26T21:31:10Z",
"published": "2025-06-26T21:31:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23260"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5660"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R3FW-G849-9J8V
Vulnerability from github – Published: 2025-04-14 21:32 – Updated: 2025-04-14 21:32A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-3587"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-14T20:15:19Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-r3fw-g849-9j8v",
"modified": "2025-04-14T21:32:24Z",
"published": "2025-04-14T21:32:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3587"
},
{
"type": "WEB",
"url": "https://github.com/buluorifu/Vulnerability-recurrence/blob/main/Refer/ZeroWdd-studentmanager-authority.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.304642"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.304642"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.550129"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R4FQ-Q33J-5QH6
Vulnerability from github – Published: 2025-08-20 09:30 – Updated: 2026-04-01 18:35Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation. This issue affects CubeWP Framework: from n/a through 1.1.24.
{
"affected": [],
"aliases": [
"CVE-2025-54735"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-20T08:15:49Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation. This issue affects CubeWP Framework: from n/a through 1.1.24.",
"id": "GHSA-r4fq-q33j-5qh6",
"modified": "2026-04-01T18:35:57Z",
"published": "2025-08-20T09:30:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54735"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/cubewp-framework/vulnerability/wordpress-cubewp-framework-plugin-1-1-24-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R53H-9RRM-9PQR
Vulnerability from github – Published: 2025-09-17 18:31 – Updated: 2025-09-17 18:31A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.
{
"affected": [],
"aliases": [
"CVE-2025-9760"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-01T05:15:41Z",
"severity": "MODERATE"
},
"details": "A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.",
"id": "GHSA-r53h-9rrm-9pqr",
"modified": "2025-09-17T18:31:17Z",
"published": "2025-09-17T18:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9760"
},
{
"type": "WEB",
"url": "https://github.com/marcelomulder/CVE/blob/main/i-educar/Broken%20Function%20Level%20Authorization%20on%20%60matricula%60%20API%20allows%20deletion%20of%20%E2%80%9Cabandono%E2%80%9D%20status.md#proof-of-concept-poc"
},
{
"type": "WEB",
"url": "https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-9760.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.322061"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.322061"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.640690"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.643575"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.648827"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R58Q-XQ2P-RF3W
Vulnerability from github – Published: 2025-04-25 21:31 – Updated: 2025-04-29 18:30NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.
{
"affected": [],
"aliases": [
"CVE-2025-32980"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-25T21:15:38Z",
"severity": "CRITICAL"
},
"details": "NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.",
"id": "GHSA-r58q-xq2p-rf3w",
"modified": "2025-04-29T18:30:55Z",
"published": "2025-04-25T21:31:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32980"
},
{
"type": "WEB",
"url": "https://www.netscout.com/securityadvisories"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-R593-VH4Q-G7MV
Vulnerability from github – Published: 2026-04-14 09:30 – Updated: 2026-04-14 09:30A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level.
{
"affected": [],
"aliases": [
"CVE-2026-27668"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-14T09:16:35Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions \u003c V5.8). User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access to any device group at any access level.",
"id": "GHSA-r593-vh4q-g7mv",
"modified": "2026-04-14T09:30:45Z",
"published": "2026-04-14T09:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27668"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-741509.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R5CH-RMJX-G82V
Vulnerability from github – Published: 2025-09-23 00:32 – Updated: 2025-09-23 00:32A vulnerability was detected in fuyang_lipengjun platform 1.0. Impacted is the function TopicController of the file /topic/queryAll. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-10820"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-22T23:15:36Z",
"severity": "MODERATE"
},
"details": "A vulnerability was detected in fuyang_lipengjun platform 1.0. Impacted is the function TopicController of the file /topic/queryAll. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used.",
"id": "GHSA-r5ch-rmjx-g82v",
"modified": "2025-09-23T00:32:03Z",
"published": "2025-09-23T00:32:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10820"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.325177"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.325177"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.653741"
},
{
"type": "WEB",
"url": "https://www.cnblogs.com/aibot/p/19063465"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R5RF-J64W-28QC
Vulnerability from github – Published: 2024-11-12 15:30 – Updated: 2024-11-12 15:30A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.
{
"affected": [],
"aliases": [
"CVE-2024-29119"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-12T13:15:07Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in Spectrum Power 7 (All versions \u003c V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to escalate privileges.",
"id": "GHSA-r5rf-j64w-28qc",
"modified": "2024-11-12T15:30:41Z",
"published": "2024-11-12T15:30:41Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29119"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-616032.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-R5W8-HF4H-F29V
Vulnerability from github – Published: 2024-02-13 09:30 – Updated: 2024-10-22 18:32Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than the attacker by sending a specially crafted packet.
{
"affected": [],
"aliases": [
"CVE-2023-6815"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-02-13T07:15:46Z",
"severity": "MODERATE"
},
"details": "Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a non-administrator user to disclose the credentials (user ID and password) of a user with a lower access level than the attacker by sending a specially crafted packet.",
"id": "GHSA-r5w8-hf4h-f29v",
"modified": "2024-10-22T18:32:04Z",
"published": "2024-02-13T09:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6815"
},
{
"type": "WEB",
"url": "https://jvn.jp/vu/JVNVU95085830/index.html"
},
{
"type": "WEB",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-044-01"
},
{
"type": "WEB",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-021_en.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-R6HQ-8QVX-XRXP
Vulnerability from github – Published: 2025-05-19 21:30 – Updated: 2026-04-01 18:35Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This issue affects WPAMS: from n/a through 44.0 (17-08-2023).
{
"affected": [],
"aliases": [
"CVE-2025-39405"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-19T19:15:48Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This issue affects WPAMS: from n/a through 44.0 (17-08-2023).",
"id": "GHSA-r6hq-8qvx-xrxp",
"modified": "2026-04-01T18:35:12Z",
"published": "2025-05-19T21:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39405"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/apartment-management/vulnerability/wordpress-wpams-plugin-44-0-17-08-2023-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.