CWE-863
Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
CVE-2026-1553 (GCVE-0-2026-1553)
Vulnerability from cvelistv5 – Published: 2026-02-04 20:26 – Updated: 2026-02-04 21:21
VLAI
Title
Drupal Canvas - Moderately critical - Access bypass - SA-CONTRIB-2026-006
Summary
Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4.
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Drupal | Drupal Canvas |
Affected:
0.0.0 , < 1.0.4
(semver)
|
Date Public
2026-01-28 17:28
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-1553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T21:21:13.798297Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T21:21:35.681Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.drupal.org/project/canvas",
"defaultStatus": "unaffected",
"product": "Drupal Canvas",
"repo": "https://git.drupalcode.org/project/canvas",
"vendor": "Drupal",
"versions": [
{
"lessThan": "1.0.4",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "jschref"
},
{
"lang": "en",
"type": "remediation developer",
"value": "B\u00c3\u00a1lint Kl\u00c3\u00a9ri (balintbrews)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Matt Glaman (mglaman)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Christian L\u00c3\u00b3pez Esp\u00c3\u00adnola (penyaskito)"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Tim Plunkett (tim.plunkett)"
},
{
"lang": "en",
"type": "coordinator",
"value": "Alex Bronstein (effulgentsia)"
},
{
"lang": "en",
"type": "coordinator",
"value": "Greg Knaddison (greggles)"
}
],
"datePublic": "2026-01-28T17:28:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.\u003cp\u003eThis issue affects Drupal Canvas: from 0.0.0 before 1.0.4.\u003c/p\u003e"
}
],
"value": "Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4."
}
],
"impacts": [
{
"capecId": "CAPEC-87",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-87 Forceful Browsing"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T20:26:22.334Z",
"orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"shortName": "drupal"
},
"references": [
{
"url": "https://www.drupal.org/sa-contrib-2026-006"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Drupal Canvas - Moderately critical - Access bypass - SA-CONTRIB-2026-006",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
"assignerShortName": "drupal",
"cveId": "CVE-2026-1553",
"datePublished": "2026-02-04T20:26:22.334Z",
"dateReserved": "2026-01-28T17:01:08.406Z",
"dateUpdated": "2026-02-04T21:21:35.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1734 (GCVE-0-2026-1734)
Vulnerability from cvelistv5 – Published: 2026-02-01 23:32 – Updated: 2026-02-23 09:11
VLAI
Title
Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization
Summary
A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.343633 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.343633 | signaturepermissions-required |
| https://vuldb.com/?submit.736619 | third-party-advisory |
| https://github.com/foeCat/CVE/blob/main/CRMEB/cro… | related |
| https://github.com/foeCat/CVE/blob/main/CRMEB/cro… | exploit |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Zhong Bang | CRMEB |
Affected:
5.6.0
Affected: 5.6.1 Affected: 5.6.2 Affected: 5.6.3 cpe:2.3:a:crmeb:crmeb:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1734",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-02T17:09:09.627216Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-02T17:09:29.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:crmeb:crmeb:*:*:*:*:*:*:*:*"
],
"modules": [
"crontab Endpoint"
],
"product": "CRMEB",
"vendor": "Zhong Bang",
"versions": [
{
"status": "affected",
"version": "5.6.0"
},
{
"status": "affected",
"version": "5.6.1"
},
{
"status": "affected",
"version": "5.6.2"
},
{
"status": "affected",
"version": "5.6.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Ho Cherry (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T09:11:48.786Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-343633 | Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.343633"
},
{
"name": "VDB-343633 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.343633"
},
{
"name": "Submit #736619 | Zhongbang CRMEB v5.6.3 Missing Authorization",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.736619"
},
{
"tags": [
"related"
],
"url": "https://github.com/foeCat/CVE/blob/main/CRMEB/crontab_unauthorized_access.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/foeCat/CVE/blob/main/CRMEB/crontab_unauthorized_access.md#proof-of-concept"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-01T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-02-01T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-02-03T11:02:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "Zhong Bang CRMEB crontab Endpoint CrontabController.php authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-1734",
"datePublished": "2026-02-01T23:32:05.711Z",
"dateReserved": "2026-02-01T07:35:34.969Z",
"dateUpdated": "2026-02-23T09:11:48.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1752 (GCVE-0-2026-1752)
Vulnerability from cvelistv5 – Published: 2026-04-08 22:25 – Updated: 2026-04-09 14:58
VLAI
Title
Incorrect Authorization in GitLab
Summary
GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in the API.
Severity
4.3 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://hackerone.com/reports/3533545 | technical-descriptionexploitpermissions-required |
| https://gitlab.com/gitlab-org/gitlab/-/work_items… | |
| https://about.gitlab.com/releases/2026/04/08/patc… |
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1752",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T14:58:34.582561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:58:43.291Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "GitLab",
"repo": "git://git@gitlab.com:gitlab-org/gitlab.git",
"vendor": "GitLab",
"versions": [
{
"lessThan": "18.8.9",
"status": "affected",
"version": "11.3",
"versionType": "semver"
},
{
"lessThan": "18.9.5",
"status": "affected",
"version": "18.9",
"versionType": "semver"
},
{
"lessThan": "18.10.3",
"status": "affected",
"version": "18.10",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thanks [modhanami](https://hackerone.com/modhanami) for reporting this vulnerability through our HackerOne bug bounty program"
}
],
"descriptions": [
{
"lang": "en",
"value": "GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in the API."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T22:25:52.858Z",
"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"shortName": "GitLab"
},
"references": [
{
"name": "HackerOne Bug Bounty Report #3533545",
"tags": [
"technical-description",
"exploit",
"permissions-required"
],
"url": "https://hackerone.com/reports/3533545"
},
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/588413"
},
{
"url": "https://about.gitlab.com/releases/2026/04/08/patch-release-gitlab-18-10-3-released/"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to versions 18.8.9, 18.9.5, 18.10.3 or above."
}
],
"title": "Incorrect Authorization in GitLab"
}
},
"cveMetadata": {
"assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a",
"assignerShortName": "GitLab",
"cveId": "CVE-2026-1752",
"datePublished": "2026-04-08T22:25:52.858Z",
"dateReserved": "2026-02-02T09:33:10.110Z",
"dateUpdated": "2026-04-09T14:58:43.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1768 (GCVE-0-2026-1768)
Vulnerability from cvelistv5 – Published: 2026-02-24 19:01 – Updated: 2026-02-26 16:12
VLAI
Summary
A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Devolutions | Devolutions Server |
Affected:
0 , < 2025.3.15
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-1768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T16:12:05.695636Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:12:31.144Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Devolutions Server",
"vendor": "Devolutions",
"versions": [
{
"lessThan": "2025.3.15",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.\u003cp\u003eThis issue affects Devolutions Server: before 2025.3.15.\u003c/p\u003e"
}
],
"value": "A permission cache poisoning vulnerability in Devolutions Server allows authenticated users to bypass permissions to access entries.This issue affects Devolutions Server: before 2025.3.15."
}
],
"impacts": [
{
"capecId": "CAPEC-141",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-141 Cache Poisoning"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T19:01:07.640Z",
"orgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23",
"shortName": "DEVOLUTIONS"
},
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2026-0004/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bfee16bd-18e6-446c-9a65-f5b2e3d89c23",
"assignerShortName": "DEVOLUTIONS",
"cveId": "CVE-2026-1768",
"datePublished": "2026-02-24T19:01:07.640Z",
"dateReserved": "2026-02-02T15:49:01.125Z",
"dateUpdated": "2026-02-26T16:12:31.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1897 (GCVE-0-2026-1897)
Vulnerability from cvelistv5 – Published: 2026-02-05 00:02 – Updated: 2026-02-23 09:17 X_Open Source
VLAI
Title
WeKan Position-History Tracking positionHistory.js PositionHistoryBleed authorization
Summary
A vulnerability was found in WeKan up to 8.20. Affected by this issue is some unknown functionality of the file server/methods/positionHistory.js of the component Position-History Tracking. The manipulation results in missing authorization. The attack may be performed from remote. Upgrading to version 8.21 can resolve this issue. The patch is identified as 55576ec17722db094835470b386162c9a662fb60. It is advisable to upgrade the affected component.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.344269 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.344269 | signaturepermissions-required |
| https://vuldb.com/?submit.742671 | third-party-advisory |
| https://github.com/wekan/wekan/commit/55576ec1772… | patch |
| https://github.com/wekan/wekan/releases/tag/v8.21 | patch |
| https://github.com/wekan/wekan/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | WeKan |
Affected:
8.0
Affected: 8.1 Affected: 8.2 Affected: 8.3 Affected: 8.4 Affected: 8.5 Affected: 8.6 Affected: 8.7 Affected: 8.8 Affected: 8.9 Affected: 8.10 Affected: 8.11 Affected: 8.12 Affected: 8.13 Affected: 8.14 Affected: 8.15 Affected: 8.16 Affected: 8.17 Affected: 8.18 Affected: 8.19 Affected: 8.20 Unaffected: 8.21 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T15:45:02.879394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T15:45:10.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Position-History Tracking"
],
"product": "WeKan",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.1"
},
{
"status": "affected",
"version": "8.2"
},
{
"status": "affected",
"version": "8.3"
},
{
"status": "affected",
"version": "8.4"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "8.6"
},
{
"status": "affected",
"version": "8.7"
},
{
"status": "affected",
"version": "8.8"
},
{
"status": "affected",
"version": "8.9"
},
{
"status": "affected",
"version": "8.10"
},
{
"status": "affected",
"version": "8.11"
},
{
"status": "affected",
"version": "8.12"
},
{
"status": "affected",
"version": "8.13"
},
{
"status": "affected",
"version": "8.14"
},
{
"status": "affected",
"version": "8.15"
},
{
"status": "affected",
"version": "8.16"
},
{
"status": "affected",
"version": "8.17"
},
{
"status": "affected",
"version": "8.18"
},
{
"status": "affected",
"version": "8.19"
},
{
"status": "affected",
"version": "8.20"
},
{
"status": "unaffected",
"version": "8.21"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "MegaManSec (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in WeKan up to 8.20. Affected by this issue is some unknown functionality of the file server/methods/positionHistory.js of the component Position-History Tracking. The manipulation results in missing authorization. The attack may be performed from remote. Upgrading to version 8.21 can resolve this issue. The patch is identified as 55576ec17722db094835470b386162c9a662fb60. It is advisable to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N/E:ND/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-23T09:17:43.503Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-344269 | WeKan Position-History Tracking positionHistory.js PositionHistoryBleed authorization",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.344269"
},
{
"name": "VDB-344269 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.344269"
},
{
"name": "Submit #742671 | Wekan \u003c8.21 Missing authorization checks leading to information disclosure a",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.742671"
},
{
"tags": [
"patch"
],
"url": "https://github.com/wekan/wekan/commit/55576ec17722db094835470b386162c9a662fb60"
},
{
"tags": [
"patch"
],
"url": "https://github.com/wekan/wekan/releases/tag/v8.21"
},
{
"tags": [
"product"
],
"url": "https://github.com/wekan/wekan/"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-02-04T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-02-04T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-02-05T15:05:36.000Z",
"value": "VulDB entry last update"
}
],
"title": "WeKan Position-History Tracking positionHistory.js PositionHistoryBleed authorization"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-1897",
"datePublished": "2026-02-05T00:02:07.858Z",
"dateReserved": "2026-02-04T14:46:27.111Z",
"dateUpdated": "2026-02-23T09:17:43.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1999 (GCVE-0-2026-1999)
Vulnerability from cvelistv5 – Published: 2026-02-18 20:44 – Updated: 2026-04-14 15:09
VLAI
Title
Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized merging of pull requests
Summary
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting an authorization bypass in the enable_auto_merge mutation for pull requests. This issue only affected repositories that allow forking as the attack relies on opening a pull request from an attacker-controlled fork into the target repository. Exploitation was only possible in specific scenarios. It required a clean pull request status and only applied to branches without branch protection rules enabled. This vulnerability affected GitHub Enterprise Server versions prior to 3.19.2, 3.18.5, and 3.17.11, and was fixed in versions 3.19.2, 3.18.5, and 3.17.11. This vulnerability was reported via the GitHub Bug Bounty program.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://docs.github.com/en/enterprise-server@3.17… | release-notes |
| https://docs.github.com/en/enterprise-server@3.18… | release-notes |
| https://docs.github.com/en/enterprise-server@3.19… | release-notes |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| GitHub | Enterprise Server |
Affected:
3.17.0 , < 3.17.11
(semver)
Affected: 3.18.0 , < 3.18.5 (semver) Affected: 3.19.0 , < 3.19.2 (semver) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1999",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-19T14:31:31.276186Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-14T15:09:57.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Enterprise Server",
"vendor": "GitHub",
"versions": [
{
"changes": [
{
"at": "3.17.11",
"status": "unaffected"
}
],
"lessThan": "3.17.11",
"status": "affected",
"version": "3.17.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.18.5",
"status": "unaffected"
}
],
"lessThan": "3.18.5",
"status": "affected",
"version": "3.18.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "3.19.2",
"status": "unaffected"
}
],
"lessThan": "3.19.2",
"status": "affected",
"version": "3.19.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ahacker1"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting an authorization bypass in the enable_auto_merge mutation for pull requests. This issue only affected repositories that allow forking as the attack relies on opening a pull request from an attacker-controlled fork into the target repository. Exploitation was only possible in specific scenarios. It required a clean pull request status and only applied to branches without branch protection rules enabled. This vulnerability affected GitHub Enterprise Server versions prior to 3.19.2, 3.18.5, and 3.17.11, and was fixed in versions 3.19.2, 3.18.5, and 3.17.11. This vulnerability was reported via the GitHub Bug Bounty program.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed an attacker to merge their own pull request into a repository without having push access by exploiting an authorization bypass in the enable_auto_merge mutation for pull requests. This issue only affected repositories that allow forking as the attack relies on opening a pull request from an attacker-controlled fork into the target repository. Exploitation was only possible in specific scenarios. It required a clean pull request status and only applied to branches without branch protection rules enabled. This vulnerability affected GitHub Enterprise Server versions prior to 3.19.2, 3.18.5, and 3.17.11, and was fixed in versions 3.19.2, 3.18.5, and 3.17.11. This vulnerability was reported via the GitHub Bug Bounty program."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:L/SC:L/SI:H/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T21:57:44.144Z",
"orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
"shortName": "GitHub_P"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://docs.github.com/en/enterprise-server@3.17/admin/release-notes#3.17.11"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.github.com/en/enterprise-server@3.18/admin/release-notes#3.18.5"
},
{
"tags": [
"release-notes"
],
"url": "https://docs.github.com/en/enterprise-server@3.19/admin/release-notes#3.19.2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized merging of pull requests",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760",
"assignerShortName": "GitHub_P",
"cveId": "CVE-2026-1999",
"datePublished": "2026-02-18T20:44:51.396Z",
"dateReserved": "2026-02-05T17:14:39.098Z",
"dateUpdated": "2026-04-14T15:09:57.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20238 (GCVE-0-2026-20238)
Vulnerability from cvelistv5 – Published: 2026-05-20 16:32 – Updated: 2026-05-20 17:48
VLAI
Title
Improper Access Control through Role Inheritance in Splunk AI Toolkit app
Summary
In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data that was restricted through `srchFilter` configurations on custom roles.<br><br>The app contains an `authorize.conf` configuration file with a `srchFilter` entry that modifies the built-in ‘user’ role. Because the Splunk platform combines inherited search filters with the `OR` SPL operator, the injected filter overrides more restrictive filters on child roles.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Splunk | Splunk AI Toolkit |
Affected:
5.7 , < 5.7.3
(custom)
|
Date Public
2026-05-20 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20238",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-20T17:48:33.784566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-20T17:48:46.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Splunk AI Toolkit",
"vendor": "Splunk",
"versions": [
{
"lessThan": "5.7.3",
"status": "affected",
"version": "5.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Martin Muller, Splunk"
}
],
"datePublic": "2026-05-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 roles could access confidential data that was restricted through `srchFilter` configurations on custom roles.\u003cbr\u003e\u003cbr\u003eThe app contains an `authorize.conf` configuration file with a `srchFilter` entry that modifies the built-in \u2018user\u2019 role. Because the Splunk platform combines inherited search filters with the `OR` SPL operator, the injected filter overrides more restrictive filters on child roles."
}
],
"value": "In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the \u0027admin\u0027 or \u0027power\u0027 roles could access confidential data that was restricted through `srchFilter` configurations on custom roles.\u003cbr\u003e\u003cbr\u003eThe app contains an `authorize.conf` configuration file with a `srchFilter` entry that modifies the built-in \u2018user\u2019 role. Because the Splunk platform combines inherited search filters with the `OR` SPL operator, the injected filter overrides more restrictive filters on child roles."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-20T16:32:19.740Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"url": "https://advisory.splunk.com/advisories/SVD-2026-0502"
}
],
"source": {
"advisory": "SVD-2026-0502"
},
"title": "Improper Access Control through Role Inheritance in Splunk AI Toolkit app"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20238",
"datePublished": "2026-05-20T16:32:19.740Z",
"dateReserved": "2025-10-08T11:59:15.400Z",
"dateUpdated": "2026-05-20T17:48:46.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2126 (GCVE-0-2026-2126)
Vulnerability from cvelistv5 – Published: 2026-02-18 09:25 – Updated: 2026-04-08 16:32
VLAI
Title
User Submitted Posts <= 20260113 - Incorrect Authorization to Unauthenticated Category Restriction Bypass via 'user-submitted-category' Parameter
Summary
The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 20260113. This is due to the `usp_get_submitted_category()` function accepting user-submitted category IDs from the POST body without validating them against the admin-configured allowed categories stored in `usp_options['categories']`. This makes it possible for unauthenticated attackers to assign submitted posts to arbitrary categories, including restricted ones, by crafting a direct POST request with manipulated `user-submitted-category[]` values, bypassing the frontend category restrictions.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| specialk | User Submitted Posts – Enable Users to Submit Posts from the Front End |
Affected:
0 , ≤ 20260113
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-18T12:26:21.098592Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-18T12:51:09.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "User Submitted Posts \u2013 Enable Users to Submit Posts from the Front End",
"vendor": "specialk",
"versions": [
{
"lessThanOrEqual": "20260113",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "M Indra Purnama"
}
],
"descriptions": [
{
"lang": "en",
"value": "The User Submitted Posts \u2013 Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 20260113. This is due to the `usp_get_submitted_category()` function accepting user-submitted category IDs from the POST body without validating them against the admin-configured allowed categories stored in `usp_options[\u0027categories\u0027]`. This makes it possible for unauthenticated attackers to assign submitted posts to arbitrary categories, including restricted ones, by crafting a direct POST request with manipulated `user-submitted-category[]` values, bypassing the frontend category restrictions."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:32:44.750Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/02c5e3ad-5cc3-40b1-a15a-10d53383abe6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-submitted-posts/tags/20260113/user-submitted-posts.php#L298"
},
{
"url": "https://plugins.trac.wordpress.org/browser/user-submitted-posts/tags/20260113/user-submitted-posts.php#L1431"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3463696%40user-submitted-posts%2Ftrunk\u0026old=3456521%40user-submitted-posts%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-06T18:53:16.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-02-17T20:36:12.000Z",
"value": "Disclosed"
}
],
"title": "User Submitted Posts \u003c= 20260113 - Incorrect Authorization to Unauthenticated Category Restriction Bypass via \u0027user-submitted-category\u0027 Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-2126",
"datePublished": "2026-02-18T09:25:51.296Z",
"dateReserved": "2026-02-06T18:37:48.354Z",
"dateUpdated": "2026-04-08T16:32:44.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21274 (GCVE-0-2026-21274)
Vulnerability from cvelistv5 – Published: 2026-01-13 18:25 – Updated: 2026-02-26 15:04
VLAI
Title
Dreamweaver Desktop | Incorrect Authorization (CWE-863)
Summary
Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization (CWE-863)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/dreamwe… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Dreamweaver Desktop |
Affected:
0 , ≤ 21.6
(semver)
|
Date Public
2026-01-13 17:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-14T04:57:32.563163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T15:04:17.051Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Dreamweaver Desktop",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "21.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2026-01-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization (CWE-863)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T18:25:35.669Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Dreamweaver Desktop | Incorrect Authorization (CWE-863)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2026-21274",
"datePublished": "2026-01-13T18:25:35.669Z",
"dateReserved": "2025-12-12T22:01:18.188Z",
"dateUpdated": "2026-02-26T15:04:17.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21285 (GCVE-0-2026-21285)
Vulnerability from cvelistv5 – Published: 2026-03-11 02:19 – Updated: 2026-03-11 13:43
VLAI
Title
Adobe Commerce | Incorrect Authorization (CWE-863)
Summary
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access to a feature. Exploitation of this issue does not require user interaction.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization (CWE-863)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/magento… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Adobe Commerce |
Affected:
0 , ≤ 2.4.4-p16
(semver)
|
Date Public
2026-03-09 17:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21285",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T13:43:40.777878Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T13:43:49.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Adobe Commerce",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2.4.4-p16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2026-03-09T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain limited unauthorized access to a feature. Exploitation of this issue does not require user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "NETWORK",
"modifiedAvailabilityImpact": "NONE",
"modifiedConfidentialityImpact": "LOW",
"modifiedIntegrityImpact": "NONE",
"modifiedPrivilegesRequired": "LOW",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization (CWE-863)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T02:19:15.142Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/magento/apsb26-05.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Commerce | Incorrect Authorization (CWE-863)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2026-21285",
"datePublished": "2026-03-11T02:19:15.142Z",
"dateReserved": "2025-12-12T22:01:18.189Z",
"dateUpdated": "2026-03-11T13:43:49.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Phase: Architecture and Design
Description:
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Phases: System Configuration, Installation
Description:
- Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
No CAPEC attack patterns related to this CWE.