Falhas do tipo CWE-863
2.111 resultadosCVE-2026-0934LOWIncorrect Authorization in GitLabEPSS 0.2%CVE-2026-10211MEDIUMAstrBotDevs AstrBot fs.py _normalize_rw_path authorizationEPSS 0.2%CVE-2026-45081MEDIUMFrappe HR: Permission Bypass in HRMS Leave Details APIEPSS 0.2%CVE-2026-9808HIGHAn authorization bypass vulnerability exists in the Mautic 7 API v2 endpoints (utilizing API Platform). Under certain conditions, roles confEPSS 0.2%CVE-2025-11865MEDIUMIncorrect Authorization in GitLabEPSS 0.2%CVE-2025-66005HIGHLack of Authentication in the InputManager D-Bus interfaceEPSS 0.2%CVE-2026-47238MEDIUMClipBucket: IDOR in videos subtitle editorEPSS 0.2%CVE-2025-23244HIGHNVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successfuEPSS 0.2%CVE-2022-27608MEDIUMForcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with AdministEPSS 0.2%CVE-2026-41350MEDIUMOpenClaw < 2026.3.31 - Session Visibility Bypass via session_status in Unsandboxed InvocationsEPSS 0.2%CVE-2023-29818MEDIUMAn issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections viEPSS 0.2%CVE-2023-35983—This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7EPSS 0.2%CVE-2026-45549HIGHRoxy-WI: Authorization bypass on POST /smon/agent/action/<action> — guest can stop or restart smon-agent on any hostEPSS 0.2%CVE-2023-3027HIGHThe grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtaiEPSS 0.2%CVE-2025-3446MEDIUMMembers Without Guest Invite Permissions Can Add Guests to TeamsEPSS 0.2%CVE-2026-27775—Gitea pre-receive hook permission cache allows full repository write accessEPSS 0.2%CVE-2025-32093MEDIUMSyatem admin profile modification by delegated granular administration roleEPSS 0.2%CVE-2023-29819MEDIUMAn issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections viEPSS 0.2%CVE-2026-32715LOWAnythingLLM Manager Privilege Bypass Allows Access to Admin-Only System PreferencesEPSS 0.2%CVE-2026-32028MEDIUMOpenClaw < 2026.2.25 - Missing Authorization Check in Discord DM Reaction IngressEPSS 0.2%