Falhas do tipo CWE-863
2.102 resultadosCVE-2026-30854MEDIUMParse Server: GraphQL `__type` introspection bypass via inline fragments when public introspection is disabledEPSS 0.3%CVE-2026-9350MEDIUMNousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorizationEPSS 0.3%CVE-2024-56348MEDIUMIn JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agentsEPSS 0.3%CVE-2025-2570LOWSystem Admin Cannot Access Environment settings in System Console While System Manager CanEPSS 0.3%CVE-2024-7108HIGHIncorrect Authorization in National Keep's CyberMathEPSS 0.3%CVE-2023-42124MEDIUMAvast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation VulnerabilityEPSS 0.3%CVE-2026-34532CRITICALParse Server: Cloud function validator bypass via prototype chain traversalEPSS 0.3%CVE-2025-20257MEDIUMCisco Secure Network Analytics API Authorization VulnerabilityEPSS 0.3%CVE-2026-25565HIGHWeKan < 8.19 Read-only Board Roles Can Update CardsEPSS 0.3%CVE-2025-14318MEDIUMImproper access validation in M-Files ServerEPSS 0.3%CVE-2025-0516MEDIUMIncorrect Authorization in GitLabEPSS 0.3%CVE-2026-32023MEDIUMOpenClaw < 2026.2.24 - Approval Gating Bypass via Dispatch-Wrapper Depth-Cap Mismatch in system.runEPSS 0.3%CVE-2026-44173MEDIUMMariaDB: FILE privilege was not checked for subqueries in the FROM clauseEPSS 0.3%CVE-2024-20510MEDIUMA vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticEPSS 0.3%CVE-2026-3977MEDIUMprojectsend AJAX Endpoints authorizationEPSS 0.3%CVE-2025-36120HIGHIBM Storage Virtualize privilege escalationEPSS 0.3%CVE-2024-13257MEDIUMCommerce View Receipt - Moderately critical - Access bypass - SA-CONTRIB-2024-021EPSS 0.3%CVE-2024-56350MEDIUMIn JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projectsEPSS 0.3%CVE-2026-40099MEDIUMKirby's page creation API bypasses the changeStatus permission check via unfiltered isDraft parameterEPSS 0.3%CVE-2025-54877MEDIUMTuleap's special and always there fields permissions are not verified in cross-tracker searchEPSS 0.3%