CWE-269 (Improper Privilege Management) — Vulnerability Class 990

990 vulnerabilities classified as CWE-269 (Improper Privilege Management). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-57760 | Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation — langflow | 8.8 | High | 2025-08-25 |
| CVE-2025-8309 | User privilege escalation vulnerability — Asset Explorer | 8.1 | High | 2025-08-20 |
| CVE-2025-6182 | Root Certificate Injection — sdm | 7.5 (AI) | High (AI) | 2025-08-20 |
| CVE-2025-8453 | Schneider Electric Saitel DR RTU Security Vulnerability — Saitel DR RTU | 6.7 | Medium | 2025-08-20 |
| CVE-2025-8218 | Real Spaces - WordPress Properties Directory Theme <= 3.5 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member' — Real Spaces - WordPress Properties Directory Theme | 8.8 | High | 2025-08-19 |
| CVE-2025-6758 | Real Spaces - WordPress Properties Directory Theme <= 3.6 - Unauthenticated Privilege Escalation to Administrator via 'imic_agent_register' — Real Spaces - WordPress Properties Directory Theme | 9.8 | Critical | 2025-08-19 |
| CVE-2025-6080 | WPGYM <= 67.7.0 - Missing Authorization to Admin Account Creation — WPGYM - Wordpress Gym Management System | 8.8 | High | 2025-08-16 |
| CVE-2025-49758 | Microsoft SQL Server Elevation of Privilege Vulnerability — Microsoft SQL Server 2016 Service Pack 3 (GDR) | 8.8 | High | 2025-08-12 |
| CVE-2025-54996 | OpenBao Root Namespace Operator May Elevate Token Privileges — openbao | 7.2 | High | 2025-08-09 |
| CVE-2025-6994 | Reveal Listing <= 3.3 - Unauthenticated Privilege Escalation — Reveal Listing | 9.8 | Critical | 2025-08-06 |
| CVE-2025-54594 | react-native-bottom-tabs: Arbitrary code execution in GitHub Actions canary workflow leads to secret exfiltration — react-native-bottom-tabs | 9.1 | Critical | 2025-08-05 |
| CVE-2013-10052 | ZPanel zsudo Local Privilege Escalation — ZPanel | 7.8 (AI) | High (AI) | 2025-08-04 |
| CVE-2012-10022 | Kloxo <= 6.1.12 Local Privilege Escalation — Kloxo | 8.4 | - | 2025-08-01 |
| CVE-2025-5954 | Service Finder SMS System <= 2.0.0 - Unauthenticated Privilege Escalation — Service Finder SMS System | 9.8 | Critical | 2025-08-01 |
| CVE-2024-13975 | Commvault 11.20.0 - 11.36.0 Windows Access Nodes Compromise via Local File Server Agent Abuse — Commvault | 6.7 | - | 2025-07-25 |
| CVE-2025-53942 | authentik has an insufficient check for account active status during OAuth/SAML authentication — authentik | 7.0 | - | 2025-07-23 |
| CVE-2015-10139 | WPLMS Learning Management System for WordPress, WordPress LMS <= 1.8.4.1 - Privilege Escalation — WPLMS Learning Management System for WordPress, WordPress LMS | 8.8 | High | 2025-07-19 |
| CVE-2025-7784 | Org.keycloak/keycloak-services: privilege escalation in keycloak admin console (fgapv2 enabled) | 6.5 | Medium | 2025-07-18 |
| CVE-2025-7341 | HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Deletion — HT Contact Form – Drag & Drop Form Builder for WordPress | 9.1 | Critical | 2025-07-15 |
| CVE-2025-50124 | Schneider Electric EcoStruxure IT Data Center Expert Security Vulnerability — EcoStruxure™ IT Data Center Expert | 8.8 (AI) | High (AI) | 2025-07-11 |
| CVE-2025-5028 | Arbitrary file deletion vulnerability in ESET product installers — ESET NOD32 Antivirus | 7.1 (AI) | High (AI) | 2025-07-11 |
| CVE-2025-6759 | Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges — Windows Virtual Delivery Agent for CVAD and Citrix DaaS | 7.8 (AI) | High (AI) | 2025-07-08 |
| CVE-2025-43019 | HP Support Assistant – Potential Escalation of Privilege — HP Support Assistant | 7.8 (AI) | High (AI) | 2025-07-08 |
| CVE-2025-24006 | Privilege Escalation via Insecure SSH Permissions — CHARX SEC-3150 | 7.8 | High | 2025-07-08 |
| CVE-2025-6943 | Delinea Secret Server Security Vulnerability — Secret Server | 3.8 | Low | 2025-07-02 |
| CVE-2025-36630 | Local Privilege Escalation — Nessus | 8.4 | High | 2025-07-01 |
| CVE-2025-6934 | Opal Estate Pro <= 1.7.5 - Unauthenticated Privilege Escalation via 'on_regiser_user' — Opal Estate Pro – Property Management and Submission | 9.8 | Critical | 2025-07-01 |
| CVE-2025-52555 | CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS — ceph | 6.5 | Medium | 2025-06-26 |
| CVE-2025-37101 | HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege — HPE OneView for VMware vCenter | 8.7 | High | 2025-06-26 |
| CVE-2025-4334 | Simple User Registration <= 6.3 - Unauthenticated Privilege Escalation — Simple User Registration | 9.8 | Critical | 2025-06-26 |

990 CVEs are classified as CWE-269 (Improper Privilege Management). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.