Falhas do tipo CWE-862

7.035 resultados
CVE-2026-42320MEDIUMGLPI vulnerable to arbitrary file accessEPSS 0.2%CVE-2025-13354MEDIUMTag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Taxonomy Term ManipulationEPSS 0.2%CVE-2025-61755LOWVulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). Supported versions that are affected are OraclEPSS 0.2%CVE-2020-10697A flaw was found in Ansible Tower when running Openshift. Tower runs a memcached, which is accessed via TCP. An attacker can take advantage EPSS 0.2%CVE-2025-64132MEDIUMJenkins MCP Server Plugin 0.84.v50ca_24ef83f2 and earlier does not perform permission checks in multiple MCP tools, allowing attackers to trEPSS 0.2%CVE-2025-63077MEDIUMWordPress Happy Addons for Elementor plugin <= 3.20.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-13093MEDIUMDevs CRM – Manage tasks, attendance and teams all together <= 1.1.8 - Missing Authorization to Unauthenticated Lead Tag UpdateEPSS 0.2%CVE-2025-58666MEDIUMWordPress Website Chat Button: Kommo integration Plugin <= 1.3.1 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2025-32279MEDIUMWordPress Live Forms plugin <= 4.8.5 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-25436MEDIUMWordPress Royal Elementor Addons plugin < 1.7.1053 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-26956HIGHWordPress Traveler theme < 3.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-34899MEDIUMWordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.2.1 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-1103MEDIUMAIKTP <= 5.0.04 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator ActionsEPSS 0.2%CVE-2026-40592MEDIUMFreeScout's cross-user undo reply allows mailbox peers to recall another agent's outbound replyEPSS 0.2%CVE-2026-40774HIGHWordPress Booking Package plugin <= 1.7.06 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2026-47351MEDIUMTYPO3 CMS - Broken Access Control in ClipboardEPSS 0.2%CVE-2026-47350MEDIUMTYPO3 CMS - Broken Access Control in DataHandlerEPSS 0.2%CVE-2026-44563MEDIUMOpen WebUI: Ollama Model Access Control Bypass via /api/generate, /api/embed, /api/embeddings, and /api/showEPSS 0.2%CVE-2026-47349MEDIUMTYPO3 CMS - Broken Access Control in RecyclerEPSS 0.2%CVE-2026-8614MEDIUMAssistio <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion via assistio_plugin_delete_assistio_settings AJAX ActionEPSS 0.2%