Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-276 (缺省权限不正确) — Vulnerability Class 447

447 vulnerabilities classified as CWE-276 (缺省权限不正确). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-2026 Improper Access Control Allows Denial of Service — Agent 6.1 Medium2026-02-13
CVE-2026-25931 vscode-spell-checker has a workspace-trust bypass Code Execution — vscode-spell-checker 7.8 High2026-02-09
CVE-2020-37160 SprintWork 2.3.1 - Local Privilege Escalation — SprintWork 6.2 Medium2026-02-06
CVE-2025-15333 Tanium addressed an information disclosure vulnerability in Threat Response. — Threat Response 4.3 Medium2026-02-05
CVE-2025-15334 Tanium addressed an information disclosure vulnerability in Threat Response. — Threat Response 4.3 Medium2026-02-05
CVE-2025-15335 Tanium addressed an information disclosure vulnerability in Threat Response. — Threat Response 4.3 Medium2026-02-05
CVE-2025-15341 Tanium addressed an incorrect default permissions vulnerability in Benchmark. — Benchmark 6.5 Medium2026-02-05
CVE-2025-15338 Tanium addressed an incorrect default permissions vulnerability in Partner Integration. — Partner Integration 6.5 Medium2026-02-05
CVE-2025-15340 Tanium addressed an incorrect default permissions vulnerability in Comply. — Comply 6.5 Medium2026-02-05
CVE-2025-15339 Tanium addressed an incorrect default permissions vulnerability in Discover. — Discover 6.5 Medium2026-02-05
CVE-2025-15336 Tanium addressed an incorrect default permissions vulnerability in Performance. — Performance 6.5 Medium2026-02-05
CVE-2025-15337 Tanium addressed an incorrect default permissions vulnerability in Patch. — Patch 6.5 Medium2026-02-05
CVE-2025-15343 Tanium addressed an incorrect default permissions vulnerability in Enforce. — Enforce 6.5 Medium2026-02-05
CVE-2020-37129 Memu Play 7.1.3 - Insecure Folder Permissions — Memu Play 9.8 Critical2026-02-05
CVE-2025-10314 Malicious Code Execution Vulnerability in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows — FREQSHIP-mini for Windows 8.8 High2026-02-05
CVE-2026-24414 Icinga for Windows certificate can have too-open permissions — icinga-powershell-framework 5.5AIMediumAI2026-01-29
CVE-2026-24413 Icinga has insecure permission of %ProgramData%\icinga2\var on Windows — icinga2 5.5AIMediumAI2026-01-29
CVE-2025-13905 Schneider Electric EcoStruxure Process Expert 安全漏洞 — EcoStruxure™ Process Expert 7.8AIHighAI2026-01-29
CVE-2026-0705 Acronis Cloud Manager 安全漏洞 — Acronis Cloud Manager 7.8AIHighAI2026-01-27
CVE-2025-15523 TCC Bypass via Inherited Permissions in Bundled Interpreter in Inkscape.app — Inkscape 6.6AIMediumAI2026-01-22
CVE-2021-47852 Rockstar Service - Insecure File Permissions — Rockstar Games Launcher 8.8 High2026-01-21
CVE-2021-47761 MilleGPG5 5.7.2 Luglio 2021 (x64) - Local Privilege Escalation — MilleGPG5 7.8 High2026-01-15
CVE-2025-64724 Arduino IDE for macOS has Insecure File Permissions — arduino-ide 7.3AIHighAI2025-12-18
CVE-2025-64723 Arduino IDE for macOS has TCC Bypass via Dynamic Library Injection — arduino-ide 8.0AIHighAI2025-12-18
CVE-2025-13155 Lenovo Baiying Client 安全漏洞 — Baiying Client 7.8 High2025-12-10
CVE-2025-59030 Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor — Recursor 7.5 High2025-12-09
CVE-2025-57850 Codeready-ws: privilege escalation via excessive /etc/passwd permissions — Red Hat OpenShift Dev Spaces 6.4 Medium2025-12-02
CVE-2025-59485 Intercom MaLion Security Point 安全漏洞 — Security Point (Windows) of MaLion 7.3AIHighAI2025-11-25
CVE-2025-54866 Wazuh installation fails to protected authd.pass on Windows — wazuh 7.1 -2025-11-21
CVE-2025-58097 LogStare Collector 安全漏洞 — LogStare Collector (for Windows) 8.8 -2025-11-21

Vulnerabilities classified as CWE-276 (缺省权限不正确) represent 447 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.