CWE-276 (缺省权限不正确) — Vulnerability Class 447

447 vulnerabilities classified as CWE-276 (缺省权限不正确). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-48959	Acronis Cyber Protect Cloud Agent 安全漏洞 — Acronis Cyber Protect Cloud Agent	7.8^AI	High^AI	2025-06-04
CVE-2025-48950	MaxKB Python Sandbox Bypass in Function Library — MaxKB	8.8^AI	High^AI	2025-06-03
CVE-2025-46355	Keiyo System PC Time Tracer 安全漏洞 — PC Time Tracer	7.8^AI	High^AI	2025-06-03
CVE-2025-2502	Lenovo PC Manager 安全漏洞 — PC Manager	7.8	High	2025-05-30
CVE-2025-4081	TCC Bypass via Dylib Substitution in DaVinci Resolve — DaVinci Resolve	7.3^AI	High^AI	2025-05-29
CVE-2025-32803	Insecure file permissions can result in confidential information leakage — Kea	4.0	Medium	2025-05-28
CVE-2025-4412	TCC Bypass via Dylib Loading in Viscosity.app — Viscosity	5.0^AI	Medium^AI	2025-05-27
CVE-2025-46803	Screen creates by default world-writable PTYs	5.0	Medium	2025-05-26
CVE-2024-13948	Insecure Permissions — ASPECT-Enterprise	7.3	High	2025-05-22
CVE-2025-43596	MSP360 Backup (for Windows) insecure filesystem permissions — Backup	7.8	High	2025-05-22
CVE-2025-4280	TCC Bypass via Inherited Permissions in Bundled Interpreter in Poedit.app — Poedit	6.6^AI	Medium^AI	2025-05-22
CVE-2025-48070	Plane has insecure permissions in UserSerializer — plane	3.5	Low	2025-05-21
CVE-2025-4660	Remote Code Execution in Windows Secure Connector/ HPS Inspection Engine via Insecure Named Pipe Access — SecureConnector	9.8^AI	Critical^AI	2025-05-13
CVE-2023-31359	AMD Manageability API 安全漏洞 — AIM-T Manageability API	7.3	High	2025-05-13
CVE-2023-31358	AMD Manageability API 安全漏洞 — AIM-T Manageability API	7.3	High	2025-05-13
CVE-2024-36339	AMD Optimizing CPU Libraries 安全漏洞 — AMD Optimizing CPU Libraries (AOCL)	7.3	High	2025-05-13
CVE-2024-21960	AMD Optimizing CPU Libraries 安全漏洞 — AMD Optimizing CPU Libraries (AOCL)	7.3	High	2025-05-13
CVE-2025-3528	Mirror-registry: local privilege escalation due to incorrect permissions in mirror-registry	8.2	High	2025-05-09
CVE-2025-43595	MSP360 Backup (for Linux) insecure filesystem permissions — Backup	7.8	High	2025-05-01
CVE-2025-42598	SEIKO EPSON printer drivers 安全漏洞 — SEIKO EPSON printer drivers for Windows OS	7.8	High	2025-04-28
CVE-2025-24914	Local Priviledge Escalation — Nessus	7.8	High	2025-04-18
CVE-2025-23386	gerbera: Privilege escalation from user gerbera to root because of insecure %post script — openSUSE Tumbleweed	7.8	High	2025-04-10
CVE-2025-29801	Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability — Microsoft AutoUpdate for Mac	7.8	High	2025-04-08
CVE-2025-0014	AMD Ryzen AI 安全漏洞 — AMD Ryzen™ AI Software	7.3	High	2025-04-02
CVE-2025-2782	WatchGuard Terminal Services Agent Local Privilege Escalation via Non-Standard Installation Directory — Terminal Services Agent	7.8	-	2025-03-28
CVE-2025-2781	WatchGuard Mobile VPN with SSL Local Privilege Escalation via Non-Standard Installation Directory — Mobile VPN with SSL Client	7.8	-	2025-03-28
CVE-2025-27612	Libcontainer is affected by capabilities elevation — youki	5.9	Medium	2025-03-21
CVE-2025-24915	Tenable Nessus Agent 安全漏洞 — Nessus Agent	7.8	High	2025-03-21
CVE-2024-0245	Task Hijacking in hamza417/inure — hamza417/inure	5.5	-	2025-03-20
CVE-2025-27926	Nintex Automation 安全漏洞 — Automation	4.3	Medium	2025-03-10

Vulnerabilities classified as CWE-276 (缺省权限不正确) represent 447 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-276 (缺省权限不正确) — Vulnerability Class 447