Falhas do tipo CWE-863
2.111 resultadosCVE-2026-33869MEDIUMMastodon has a denial of service for quote authorizationEPSS 0.2%CVE-2023-3485LOWInsecure Default Authorization in Temporal ServerEPSS 0.2%CVE-2025-64746MEDIUMDirectus has Improper Permission Handling on Deleted FieldsEPSS 0.2%CVE-2023-7047—
Inadequate validation of permissions when employing remote tools and
macros via the context menu within Devolutions Remote Desktop ManagerEPSS 0.2%CVE-2022-40682HIGHA incorrect authorization in Fortinet FortiClient (Windows) 7.0.0 - 7.0.7, 6.4.0 - 6.4.9, 6.2.0 - 6.2.9 and 6.0.0 - 6.0.10 allows an attackeEPSS 0.2%CVE-2026-24692MEDIUMGuest users can bypass read permissions via search APIEPSS 0.2%CVE-2026-13508MEDIUMkhoj-ai khoj Conversation Sharing api_chat.py authorizationEPSS 0.2%CVE-2026-6343MEDIUMMattermost Playbooks Plugin fails to enforce view permissions in list endpoints, allowing unauthorized access to public playbooksEPSS 0.2%CVE-2025-13767MEDIUMUnauthorized Read Access to Private Channel Posts via Mattermost Jira PluginEPSS 0.2%CVE-2026-32067LOWOpenClaw < 2026.2.26 - Cross-Account Authorization Bypass in DM Pairing StoreEPSS 0.2%CVE-2025-68386MEDIUMKibana Improper AuthorizationEPSS 0.2%CVE-2026-41852LOWSpring Framework Arbitrary Method Invocation in SpEL ExpressionsEPSS 0.2%CVE-2025-30440MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app mEPSS 0.2%CVE-2025-1417MEDIUMInformation disclosure in Proget MDMEPSS 0.2%CVE-2026-5712HIGHIdentityIQ Role Editor Incorrect Authorization VulnerabilityEPSS 0.2%CVE-2026-9048MEDIUMSlider Revolution 7.0.0 - 7.0.14 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information ExposureEPSS 0.2%CVE-2026-42884MEDIUMAudiobookshelf: Collection endpoints bypass library access controls exposing restricted library dataEPSS 0.2%CVE-2025-43251MEDIUMAn authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain acEPSS 0.2%CVE-2025-69289MEDIUMDiscourse has insecure default configuration that allows non-admin moderators to takeover any non-staff account via email changeEPSS 0.2%CVE-2025-1418MEDIUMInformation disclosure in Proget MDMEPSS 0.2%