Flaws of type CWE-863
2111 results

CVE-2026-45831 | HIGH | The SimpleRBACAuthorizationProvider authorization provider in versions 0.5.0 or later of the ChromaDB Python project evaluates whether a use | EPSS 0.2%
CVE-2026-31887 | HIGH | Shopware unauthenticated data extraction possible through store-api.order endpoint | EPSS 0.2%
CVE-2025-64490 | HIGH | SuiteCRM's Inconsistent RBAC Enforcement Enables Access Control Bypass | EPSS 0.2%
CVE-2026-44991 | LOW | OpenClaw < 2026.4.21 - Authorization Bypass in Owner-Enforced Commands via Wildcard Channel Senders | EPSS 0.2%
CVE-2025-21553 | MEDIUM | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.25, 21.3-21.16 and 23.4 | EPSS 0.2%
CVE-2022-4349 | MEDIUM | CTF-hacker pwn delete.html cross-site request forgery | EPSS 0.2%
CVE-2026-54517 | MEDIUM | jackson-databind: @JsonView bypass for setterless creator properties | EPSS 0.2%
CVE-2026-6863 | MEDIUM | HTTP Filestore Endpoints Misapply Permissions Across Organizations | EPSS 0.2%
CVE-2025-54596 | MEDIUM | Abnormal Security /v1.0/rbac/users_v2/{USER_ID}/ before 2025-02-19 allows downgrading the privileges of other user accounts. | EPSS 0.2%
CVE-2024-23250 | MEDIUM | An access issue was addressed with improved access restrictions. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17 | EPSS 0.2%
CVE-2026-3553 | LOW | Incorrect Authorization in GitLab | EPSS 0.2%
CVE-2020-35501 | — | A flaw was found in the Linux kernel's implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the | EPSS 0.2%
CVE-2023-30840 | MEDIUM | On a compromised node, the fluid-csi service account can be used to modify node specs | EPSS 0.2%
CVE-2024-54010 | LOW | Unauthenticated Traffic Handling Flaw Allows Packet Leakage on HPE Aruba Networking CX 10000 series switches | EPSS 0.2%
CVE-2024-55592 | LOW | An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.7 all versions, 6.6 | EPSS 0.2%
CVE-2026-42438 | MEDIUM | OpenClaw 2026.4.9 < 2026.4.10 - Sender Policy Bypass in Host Media Attachment Reads | EPSS 0.2%
CVE-2025-14352 | MEDIUM | Awesome Hotel Booking <= 1.0.3 - Incorrect Authorization to Unauthenticated Arbitrary Booking Modification | EPSS 0.2%
CVE-2024-57969 | MEDIUM | app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search. | EPSS 0.2%
CVE-2026-1999 | HIGH | Incorrect Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized merging of pull requests | EPSS 0.2%
CVE-2025-24869 | MEDIUM | Information Disclosure vulnerability in SAP NetWeaver Application Server Java | EPSS 0.2%