Weaknesses of type CWE-863
2,111 resultsCVE-2026-35491MEDIUMPi-hole FTL: CLI API sessions can import Teleporter archives and modify configurationEPSS 0.2%CVE-2026-35673MEDIUMOpenClaw < 2026.4.29 - SSRF Policy Bypass via Browser Debug/Export RoutesEPSS 0.2%CVE-2026-33251MEDIUMDiscourse has a Hidden Solved topics permission bypassEPSS 0.2%CVE-2026-3236LOWIn affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key haEPSS 0.2%CVE-2026-35555HIGHSubnet Solutions PowerSYSTEM Center Incorrect AuthorizationEPSS 0.2%CVE-2024-42423MEDIUMCitrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled foEPSS 0.2%CVE-2026-28709MEDIUMUnauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (LinuEPSS 0.2%CVE-2026-4055MEDIUMInsufficient permission validation on cross-team playbook run creationEPSS 0.2%CVE-2026-6341MEDIUMIncomplete group locking implementationEPSS 0.2%CVE-2026-28759MEDIUMInsufficient authorization in shared channel membership sync allows remote cluster to remove users from arbitrary channelsEPSS 0.2%CVE-2025-8886MEDIUMAuthorization Bypass in Usta Information Systems' Aybs InteraktifEPSS 0.2%CVE-2026-0997MEDIUMMattermost Zoom Plugin channel preference API lacks authorization checksEPSS 0.2%CVE-2026-26973MEDIUMDiscourse doesn't scope reviewable notes to user-visible reviewablesEPSS 0.2%CVE-2026-6342MEDIUMGroup prefix matching bypass for subscriptionsEPSS 0.2%CVE-2026-31991LOWOpenClaw < 2026.2.26 - Authorization Bypass via DM Pairing-Store Leakage in Signal Group AllowlistEPSS 0.2%CVE-2026-28732MEDIUMSlash command trigger-word update allowed command hijackingEPSS 0.2%CVE-2026-32923MEDIUMOpenClaw < 2026.3.11 - Authorization Bypass in Discord Guild Reaction Allowlist EnforcementEPSS 0.2%CVE-2025-8148MEDIUMCVE-2025-8148 Improper Access Control in SFTP service of GoAnywhere MFTEPSS 0.2%CVE-2024-7915HIGHmacOS Sensei Mac Cleaner Local Privilege Escalation via PID Reuse - Race Condition AttackEPSS 0.2%CVE-2026-46549LOWNocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope EscalationEPSS 0.2%