Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-281 (权限预留不恰当) — Vulnerability Class 91

91 vulnerabilities classified as CWE-281 (权限预留不恰当). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-35361 uutils coreutils mknod Security Label Inconsistency and Broken Cleanup on SELinux Systems — coreutils 3.4 Low2026-04-22
CVE-2026-35351 uutils coreutils mv Silent Ownership Loss in Cross-Device Operations — coreutils 4.2 Medium2026-04-22
CVE-2026-35350 uutils coreutils cp Unexpected Privileged Executable Creation with -p — coreutils 6.6 Medium2026-04-22
CVE-2026-35385 OpenSSH 安全漏洞 — OpenSSH 7.5 High2026-04-02
CVE-2025-9615 Networkmanager: networkmanager file access — Red Hat Enterprise Linux 10 8.1AIHighAI2026-01-26
CVE-2024-12125 3scale-porta: readonly fields not validated server-side — porta 7.5 High2025-11-06
CVE-2025-37735 Elastic Defend 安全漏洞 — Kibana 7.0 High2025-11-06
CVE-2025-34298 Nagios Log Server < 2024R1.3.2 Set Email Privilege Escalation — Log Server 8.8AIHighAI2025-10-30
CVE-2023-32199 Rancher user retains access to clusters despite Global Role removal — rancher 4.3 Medium2025-10-29
CVE-2025-7346 pyLoad 安全漏洞 — Pyload 6.2AIMediumAI2025-07-08
CVE-2025-43698 Salesforce OmniStudio 安全漏洞 — OmniStudio 8.1AIHighAI2025-06-10
CVE-2025-43697 Salesforce OmniStudio 安全漏洞 — OmniStudio 6.5AIMediumAI2025-06-10
CVE-2025-43701 Salesforce OmniStudio 安全漏洞 — OmniStudio 4.3AIMediumAI2025-06-10
CVE-2025-43700 Salesforce OmniStudio 安全漏洞 — OmniStudio 6.5AIMediumAI2025-06-10
CVE-2025-27247 Pasteboard has an improper preservation of permissions vulnerability — OpenHarmony 5.5 Medium2025-06-08
CVE-2025-27563 security_access_token has an improper preservation of permissions vulnerability — OpenHarmony 3.3 Low2025-06-08
CVE-2025-26693 security_access_token has an improper preservation of permissions vulnerability — OpenHarmony 3.3 Low2025-06-08
CVE-2025-26691 telephony_call_manager has an improper preservation of permissions vulnerability — OpenHarmony 5.5 Medium2025-06-08
CVE-2024-46941 SystemUI component protection settings vulnerability — SystemUI 4.3AIMediumAI2025-06-06
CVE-2025-43026 HP Support Assistant – Potential Escalation of Privilege — HP Support Assistant 7.8AIHighAI2025-06-05
CVE-2025-32697 Cascading protection is not preventing file reversions — MediaWiki 8.2AIHighAI2025-04-10
CVE-2025-32696 "reupload-own" restriction can be bypassed by reverting file — MediaWiki 7.5AIHighAI2025-04-10
CVE-2025-0914 Velociraptor Shell Plugin Prevent_execve Bypass — Velociraptor 3.8 Low2025-02-27
CVE-2024-53994 Potential bypass of chat permissions in Discourse — discourse 4.3 Medium2025-02-04
CVE-2025-24791 snowflake-connector-nodejs has incorrect validation of temporary credential cache file permissions — snowflake-connector-nodejs 4.4 Medium2025-01-29
CVE-2025-22620 gix-worktree-state nonexclusive checkout sets executable files world-writable — gitoxide 5.0 Medium2025-01-20
CVE-2025-24337 WriteFreely 安全漏洞 — WriteFreely 8.4 High2025-01-20
CVE-2024-56317 Matter 安全漏洞 — Matter 7.5 -2024-12-18
CVE-2024-43784 Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to it's deletion — lakeFS 5.7 Medium2024-11-26
CVE-2024-9333 Permission bypass in M-Files Connector for Copilot — M-Files Connector for Copilot 4.3 -2024-10-02

Vulnerabilities classified as CWE-281 (权限预留不恰当) represent 91 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.