Weaknesses of type CWE-863
2,100 resultsCVE-2026-40291HIGHChamilo LMS has Privilege Escalation via API User Role ModificationEPSS 0.3%CVE-2026-33302HIGHOpenEMR: zhAclCheck Ignores Explicit ACL DeniesEPSS 0.3%CVE-2025-11862HIGHVerve Asset Manager Access Control VulnerabilityEPSS 0.3%CVE-2026-1524LOWAuth misconfiguration when multiple providers enabledEPSS 0.3%CVE-2026-54307HIGHn8n: Credential Exfiltration via Permission BypassEPSS 0.3%CVE-2020-36920HIGHiDS6 DSSPro Digital Signage System 6.2 Privilege Escalation via Access ControlEPSS 0.3%CVE-2024-45037MEDIUMAWS CDK RestApi not generating authorizationScope correctly in resultant CFN templateEPSS 0.3%CVE-2026-44832HIGHSnipe-IT: Privilege Escalation via API Permissions AssignmentEPSS 0.3%CVE-2024-7266HIGHUsers listing in EZD RPEPSS 0.3%CVE-2019-25237HIGHV-SOL GPON/EPON OLT Platform 2.03 Privilege Escalation via User Role ParameterEPSS 0.3%CVE-2024-44137MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An attackeEPSS 0.3%CVE-2025-13063MEDIUMDinukaNavaratna Dee Store authorizationEPSS 0.3%CVE-2026-53807HIGHOpenClaw < 2026.5.6 - Authorization Bypass in Telegram Interactive Callbacks via commands.allowFromEPSS 0.3%CVE-2026-42357MEDIUMApache DolphinScheduler: Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access.EPSS 0.3%CVE-2026-1752MEDIUMIncorrect Authorization in GitLabEPSS 0.3%CVE-2024-13291HIGHBasic HTTP Authentication - Critical - Access bypass - SA-CONTRIB-2024-057EPSS 0.3%CVE-2024-23823MEDIUMCORS settings overly permissive in vantage6EPSS 0.3%CVE-2024-22938HIGHInsecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the initEPSS 0.3%CVE-2025-49550MEDIUMAdobe Commerce | Incorrect Authorization (CWE-863)EPSS 0.3%CVE-2026-45339MEDIUMOpen WebUI: API key endpoint restrictions bypassed via `x-api-key` header — full message processing on restricted endpointsEPSS 0.3%