Falhas do tipo CWE-266
963 resultadosCVE-2026-11521MEDIUMMohammed-eid35 bank-management-system-springboot Transaction Endpoint TransactionController.java improper authorizationEPSS 0.3%CVE-2026-1597MEDIUMBdtask SalesERP Administrative Endpoint improper authorizationEPSS 0.3%CVE-2023-29066LOWIncorrect User ManagementEPSS 0.3%CVE-2025-15125LOWJeecgBoot queryDepartPermission improper authorizationEPSS 0.3%CVE-2025-48741MEDIUMA Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote,EPSS 0.3%CVE-2025-15123LOWJeecgBoot datarule improper authorizationEPSS 0.3%CVE-2025-15122LOWJeecgBoot datarule loadDatarule improper authorizationEPSS 0.3%CVE-2025-15124LOWJeecgBoot list getParameterMap improper authorizationEPSS 0.3%CVE-2026-11532MEDIUMimvks786 student_management_system Student Record add.php access controlEPSS 0.3%CVE-2026-3668LOWFreedom Factory dGEN1 org.ethosmobile.webpwaemul AndroidEthereum access controlEPSS 0.3%CVE-2024-23794MEDIUMAgents are able to lock the ticket without the "Owner" permissionEPSS 0.3%CVE-2026-10876MEDIUMSourceCodester Ship Ferry Ticket Reservation System admin improper authorizationEPSS 0.3%CVE-2025-10422MEDIUMnewbee-mall Order Status paySuccess improper authorizationEPSS 0.3%CVE-2025-5390MEDIUMJeeWMS File filedeal.do filedeal access controlEPSS 0.3%CVE-2025-27028MEDIUMRead access of deprivileged Radiflow iSAP Smart Collector userEPSS 0.3%CVE-2025-66296HIGHGrav vulnerable to Privilege Escalation in Grav Admin: Missing Username Uniqueness Check Allows Admin Account TakeoverEPSS 0.3%CVE-2025-3517MEDIUMIncorrect privilege assignment in PAM JIT elevation feature in Devolutions Server 2025.1.5.0 and earlier allows a PAM user to elevate a prevEPSS 0.3%CVE-2024-23288HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watEPSS 0.3%CVE-2023-38296HIGHVarious software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local EPSS 0.3%CVE-2026-45490HIGH.NET SDK Elevation of Privilege VulnerabilityEPSS 0.3%