Fallos del tipo CWE-863
2111 resultadosCVE-2026-26289HIGHSubnet Solutions PowerSYSTEM Center Incorrect AuthorizationEPSS 0.1%CVE-2026-40599HIGHClearanceKit: Ad-hoc signed binaries can spoof Apple process identities in the global allowlistEPSS 0.1%CVE-2025-23256HIGHNVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorizatiEPSS 0.1%CVE-2026-28755MEDIUMNGINX ngx_stream_ssl_module vulnerabilityEPSS 0.1%CVE-2026-28951HIGHAn authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOEPSS 0.1%CVE-2024-47148MEDIUMSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptiEPSS 0.1%CVE-2025-0359HIGHDuring an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework thaEPSS 0.1%CVE-2026-42432HIGHOpenClaw < 2026.4.8 - Command Escalation via Node Pairing Reconnect BypassEPSS 0.1%CVE-2025-10015MEDIUMTCC Bypass via Downloader XPC Service in SparkleEPSS 0.1%CVE-2026-49219MEDIUMImageMagick: Policy Bypass can read disallowed filesEPSS 0.1%CVE-2026-54555HIGHrtk: Permission-gate bypass in rtk rewrite auto-allow via unsplit shell separatorsEPSS 0.1%CVE-2025-4975MEDIUMTapo privilege escalation on shared devices using notificationsEPSS 0.1%CVE-2026-22682HIGHOpenHarness Improper Access Control via File ToolsEPSS 0.1%CVE-2025-0885LOWIncorrect Authorization vulnerability affects OpenText™ GroupWiseEPSS 0.1%CVE-2023-25189LOWBTS is affected by information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regaEPSS 0.1%CVE-2025-4960HIGHmacOS Local Privilege Escalation via Improper Authorization Handling in EPSON Printer Controller InstallerEPSS 0.1%CVE-2024-8011LOWLogitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granteEPSS 0.1%CVE-2026-55411MEDIUMToolJet: Cross-tenant credential decryption (IDOR) in POST /api/data-sources/decrypt — any authenticated user can decrypt any organization's data-source secretsEPSS 0.1%CVE-2026-26963MEDIUMCilium may not enforce host firewall policies when Native Routing, WireGuard and Node Encryption are enabledEPSS 0.1%CVE-2026-21789MEDIUMHCL Connections is vulnerable to broken access controlEPSS 0.1%