CWE-266 vulnerabilities

962 results
CVE-2026-9562 | MEDIUM | sambitraj STUDENT-MANAGEMENT-SYSTEM Dashboard access control | EPSS 0.3%
CVE-2026-12771 | LOW | BerriAI litellm M2M JWT user_api_key_auth.py improper authorization | EPSS 0.3%
CVE-2025-25023 | MEDIUM | IBM Security Guardium information disclosure | EPSS 0.3%
CVE-2024-13188 | MEDIUM | MicroWorld eScan Antivirus Installation var default permission | EPSS 0.3%
CVE-2026-5124 | MEDIUM | osrg GoBGP BGP Header bgp.go BGPHeader.DecodeFromBytes access control | EPSS 0.3%
CVE-2026-49083 | HIGH | WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability | EPSS 0.3%
CVE-2025-5389 | MEDIUM | JeeWMS File generateController.do dogenerateOne2Many access control | EPSS 0.3%
CVE-2025-14778 | MEDIUM | Keycloak: incorrect ownership checks in /uma-policy/ | EPSS 0.3%
CVE-2022-1746 | HIGH | 2.2.8 INCORRECT PRIVILEGE ASSIGNMENT CWE-266 | EPSS 0.3%
CVE-2025-5387 | MEDIUM | JeeWMS File generateController.do dogenerate access control | EPSS 0.3%
CVE-2026-9795 | HIGH | Keycloak: keycloak: privilege escalation via improper scope mapping enforcement | EPSS 0.3%
CVE-2026-7109 | MEDIUM | code-projects Invoice System in Laravel API Endpoint item improper authorization | EPSS 0.3%
CVE-2026-2896 | MEDIUM | funadmin Configuration Ajax.php setConfig improper authorization | EPSS 0.3%
CVE-2026-25414 | HIGH | WordPress WPBookit Pro plugin <= 1.6.18 - Privilege Escalation vulnerability | EPSS 0.3%
CVE-2025-2843 | HIGH | Observability-operator: observability operator privilege escalation | EPSS 0.3%
CVE-2025-13115 | MEDIUM | macrozheng mall-swarm/mall Order Details detail improper authorization | EPSS 0.3%
CVE-2026-11620 | MEDIUM | TOTOLINK EX200 vsftpd vsftpd.conf least privilege violation | EPSS 0.3%
CVE-2025-27095 | MEDIUM | JumpServer has a Kubernetes Token Leak Vulnerability | EPSS 0.3%
CVE-2026-12529 | MEDIUM | SourceCodester CET Automated Grading System with AI Predictive Analytics Student Self-Registration Endpoint index.php access control | EPSS 0.3%
CVE-2026-22914 | MEDIUM | An attacker with limited permissions may still be able to write files to specific locations on the device, potentially leading to system man | EPSS 0.3%