CWE-266 (Incorrect Privilege Assignment) — Vulnerability Class 381

381 vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-4692 | ABUP IoT Cloud Platform Incorrect Privilege Assignment — ABUP IoT Cloud Platform | 6.8 | Medium | 2025-05-22 |
| CVE-2025-47291 | containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods. — containerd | 7.7 (AI) | High (AI) | 2025-05-21 |
| CVE-2025-39366 | WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability — wProject | 8.8 | High | 2025-05-19 |
| CVE-2025-39405 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerability — WPAMS | 8.8 | High | 2025-05-19 |
| CVE-2025-39459 | WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability — Real Estate 7 | 7.3 | High | 2025-05-19 |
| CVE-2025-0135 | GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App — GlobalProtect App | 7.1 (AI) | High (AI) | 2025-05-14 |
| CVE-2025-0131 | GlobalProtect App: Incorrect Privilege Management Vulnerability in OPSWAT MetaDefender Endpoint Security SDK — MetaDefender Endpoint Security SDK | 7.0 (AI) | High (AI) | 2025-05-14 |
| CVE-2025-3744 | Nomad Vulnerable To Violation Of Mandatory Sentinel Policies in Nomad Job Submissions via Policy Override — Nomad Enterprise | 7.6 | High | 2025-05-13 |
| CVE-2025-40571 | Siemens Mendix OIDC SSO security vulnerability — Mendix OIDC SSO (Mendix 10.12 compatible) | 2.2 | Low | 2025-05-13 |
| CVE-2025-4374 | Quay: incorrect privilege assignment — quay | 6.5 | Medium | 2025-05-06 |
| CVE-2025-2898 | IBM Maximo Application Suite privilege escalation — Maximo Application Suite | 7.5 | High | 2025-05-06 |
| CVE-2025-3517 | Devolutions Server security vulnerability — Devolutions Server | 8.8 (AI) | High (AI) | 2025-05-01 |
| CVE-2025-27007 | WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability — OttoKit | 9.8 | Critical | 2025-05-01 |
| CVE-2025-2470 | Service Finder Bookings <= 5.1 - Unauthenticated Privilege Escalation via 'nsl_registration_store_extra_input' — Service Finder Bookings | 9.8 | Critical | 2025-04-25 |
| CVE-2025-32648 | WordPress Projectopia plugin <= 5.1.24 - Privilege Escalation vulnerability — Projectopia | 9.8 | Critical | 2025-04-17 |
| CVE-2025-39542 | WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability — Xelion Webchat | 8.8 | High | 2025-04-17 |
| CVE-2025-23391 | Rancher: Restricted Administrator can change Administrator's passwords — rancher | 9.1 | Critical | 2025-04-11 |
| CVE-2025-32491 | WordPress Rankology SEO – On-site SEO plugin <= 2.2.4 - Privilege Escalation Vulnerability — Rankology SEO – On-site SEO | 8.8 (AI) | High (AI) | 2025-04-11 |
| CVE-2025-31524 | WordPress WP User Profiles plugin <= 2.6.2 - Privilege Escalation vulnerability — WP User Profiles | 8.8 | High | 2025-04-10 |
| CVE-2025-32695 | WordPress Checkout Mestres WP plugin <= 8.7.5 - Privilege Escalation Vulnerability — Checkout Mestres WP | 9.8 | Critical | 2025-04-09 |
| CVE-2025-25023 | IBM Security Guardium information disclosure — Security Guardium | 4.9 | Medium | 2025-04-09 |
| CVE-2025-23407 | Inaba Denki Sangyo Wi-Fi AP UNIT security vulnerability — AC-WPS-11ac | 4.3 | Medium | 2025-04-09 |
| CVE-2024-51800 | WordPress Homey theme <= 2.4.1 - Privilege Escalation vulnerability — Homey | 9.8 | Critical | 2025-04-04 |
| CVE-2025-31420 | WordPress wpForo Forum plugin <= 2.4.2 - Privilege Escalation vulnerability — wpForo Forum | 8.8 (AI) | High (AI) | 2025-04-04 |
| CVE-2025-31560 | WordPress Salon booking system plugin < 10.15 - Privilege Escalation vulnerability — Salon booking system | 7.2 | High | 2025-04-01 |
| CVE-2025-27095 | JumpServer has a Kubernetes Token Leak Vulnerability — jumpserver | 4.3 | Medium | 2025-03-31 |
| CVE-2025-2713 | Improper File Permission Handling in Google gVisor runsc — gVisor | 7.1 | - | 2025-03-28 |
| CVE-2025-26512 | CVE-2025-26512 Privilege Escalation Vulnerability in SnapCenter — SnapCenter | 9.9 | Critical | 2025-03-24 |
| CVE-2025-0628 | Improper Authorization in BerriAI/litellm — berriai/litellm | 8.8 | - | 2025-03-20 |
| CVE-2024-49561 | Dell SmartFabric OS10 security vulnerability — SmartFabric OS10 Software | 7.8 | High | 2025-03-17 |

Vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment) represent 381 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.