Flaws of type CWE-863
2111 results

CVE-2026-54358 | HIGH | MISP organization administrators can target site administrator accounts for password reset | EPSS 0.2%
CVE-2026-26274 | MEDIUM | October: Safe Mode Bypass via Twig Database Write Operations | EPSS 0.2%
CVE-2026-33249 | MEDIUM | NATS: Message tracing can be redirected to arbitrary subject | EPSS 0.2%
CVE-2026-2465 | HIGH | Improper Authorization in E-Kalite's Turboard FOR-S | EPSS 0.2%
CVE-2024-40855 | MEDIUM | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2 | EPSS 0.2%
CVE-2025-12621 | MEDIUM | Flexible Refund and Return Order for WooCommerce <= 1.0.42 - Incorrect Authorization to Authenticated (Contributor+) Refund Status Update | EPSS 0.2%
CVE-2021-37409 | HIGH | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enabl | EPSS 0.2%
CVE-2026-41235 | HIGH | Froxlor has an authorization bypass in FTP shell assignment via missing server-side `available_shells` enforcement | EPSS 0.2%
CVE-2026-32991 | HIGH | Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account. | EPSS 0.2%
CVE-2026-53521 | MEDIUM | Nezha Monitoring: Stored future DDNS profile ID allows unauthorized use of another user's DDNS profile context | EPSS 0.2%
CVE-2025-15513 | MEDIUM | Float Payment Gateway <= 1.1.9 - Improper Authorization to Unauthenticated Order Status Manipulation | EPSS 0.2%
CVE-2024-29213 | HIGH | Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via uns | EPSS 0.2%
CVE-2024-29821 | HIGH | Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via uns | EPSS 0.2%
CVE-2026-12797 | MEDIUM | BerriAI litellm Completions banned_keywords.py async_pre_call_hook authorization | EPSS 0.2%
CVE-2026-54397 | MEDIUM | MISP event editing allows unauthorized assignment to undisclosed sharing groups | EPSS 0.2%
CVE-2025-15633 | MEDIUM | HCL BigFix WebUI is affected by an improper authorization vulnerability | EPSS 0.2%
CVE-2024-44287 | MEDIUM | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malici | EPSS 0.2%
CVE-2025-15288 | LOW | Tanium addressed an improper access controls vulnerability in Interact. | EPSS 0.2%
CVE-2024-44253 | MEDIUM | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app m | EPSS 0.2%
CVE-2026-33477 | MEDIUM | FileRise has incorrect authorization in /api/file/snippet.php allows read_own users to read other users’ file content | EPSS 0.2%