CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1919 vulnerabilities reference this CWE, most recent first.
GHSA-H9P3-57F6-XPMG
Vulnerability from github – Published: 2025-01-30 03:30 – Updated: 2025-01-30 03:30A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-0849"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-30T02:15:25Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as critical has been found in CampCodes School Management Software 1.0. Affected is an unknown function of the file /edit-staff/ of the component Staff Handler. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-h9p3-57f6-xpmg",
"modified": "2025-01-30T03:30:51Z",
"published": "2025-01-30T03:30:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0849"
},
{
"type": "WEB",
"url": "https://github.com/KhukuriRimal/Vulnerabilities/blob/main/Sensitive%20Super%20Admin%20Data%20Exposure%20and%20Unauthorized%20Data%20Update%20via%20IDOR%20(Teacher%20Role%20to%20Super%20Admin%20Role).pdf"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.294012"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.294012"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.487618"
},
{
"type": "WEB",
"url": "https://www.campcodes.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-H9XR-FPRQ-HCR8
Vulnerability from github – Published: 2026-06-26 15:32 – Updated: 2026-06-26 15:32Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
{
"affected": [],
"aliases": [
"CVE-2026-56030"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-26T15:16:42Z",
"severity": "CRITICAL"
},
"details": "Unauthenticated Privilege Escalation in Paytium \u003c= 5.0.2 versions.",
"id": "GHSA-h9xr-fprq-hcr8",
"modified": "2026-06-26T15:32:16Z",
"published": "2026-06-26T15:32:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56030"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/paytium/vulnerability/wordpress-paytium-plugin-5-0-2-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HC5J-8JRJ-7V92
Vulnerability from github – Published: 2025-04-29 15:31 – Updated: 2025-04-29 15:31A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
{
"affected": [],
"aliases": [
"CVE-2025-4066"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-29T15:15:54Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/addpackage.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
"id": "GHSA-hc5j-8jrj-7v92",
"modified": "2025-04-29T15:31:54Z",
"published": "2025-04-29T15:31:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4066"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.306503"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.306503"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.559480"
},
{
"type": "WEB",
"url": "https://www.websecurityinsights.my.id/2025/04/script-and-tools-online-travling-system_82.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-HF3G-728J-F82R
Vulnerability from github – Published: 2026-01-22 18:30 – Updated: 2026-01-27 00:31Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4.
{
"affected": [],
"aliases": [
"CVE-2025-69292"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-22T17:16:26Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through \u003c= 1.6.4.",
"id": "GHSA-hf3g-728j-f82r",
"modified": "2026-01-27T00:31:12Z",
"published": "2026-01-22T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69292"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/Wordpress/Plugin/wp-membership/vulnerability/wordpress-wp-membership-plugin-1-6-4-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-HFG7-2C63-28R2
Vulnerability from github – Published: 2025-09-04 21:31 – Updated: 2025-09-04 21:31In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to a logic error in the code. This could lead to local escalation of privilege on versions of Android where android.permission.MANAGE_DEFAULT_APPLICATIONS was not defined with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2025-26425"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-04T18:15:40Z",
"severity": "MODERATE"
},
"details": "In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to a logic error in the code. This could lead to local escalation of privilege on versions of Android where android.permission.MANAGE_DEFAULT_APPLICATIONS was not defined with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-hfg7-2c63-28r2",
"modified": "2025-09-04T21:31:37Z",
"published": "2025-09-04T21:31:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26425"
},
{
"type": "WEB",
"url": "https://android.googlesource.com/platform/packages/modules/Permission/+/850ce9ea3ac72540ce310722633d9c893a32dfdd"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2025-05-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HFPC-9V44-8WJP
Vulnerability from github – Published: 2025-09-04 21:31 – Updated: 2025-09-05 18:31In apk-versions.txt, there is a possible corruption of telemetry opt-in settings on other watches when setting up a new Pixel Watch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2024-49731"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-04T20:15:33Z",
"severity": "MODERATE"
},
"details": "In apk-versions.txt, there is a possible corruption of telemetry opt-in settings on other watches when setting up a new Pixel Watch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.",
"id": "GHSA-hfpc-9v44-8wjp",
"modified": "2025-09-05T18:31:19Z",
"published": "2025-09-04T21:31:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-49731"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/wear/2025-02-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-HFRV-9M27-MWHJ
Vulnerability from github – Published: 2025-04-28 21:30 – Updated: 2025-04-28 21:30A vulnerability was found in 201206030 Novel 3.5.0 and classified as critical. This issue affects the function updateBookChapter of the file src/main/java/io/github/xxyopen/novel/controller/author/AuthorController.java of the component Chapter Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-4036"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-28T20:15:21Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in 201206030 Novel 3.5.0 and classified as critical. This issue affects the function updateBookChapter of the file src/main/java/io/github/xxyopen/novel/controller/author/AuthorController.java of the component Chapter Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-hfrv-9m27-mwhj",
"modified": "2025-04-28T21:30:43Z",
"published": "2025-04-28T21:30:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4036"
},
{
"type": "WEB",
"url": "https://github.com/Sinon2003/cve/blob/main/novel/Novel%20%20has%20a%20logic%20authorization%20bypass%20vulnerability%20in%20AuthorController.md"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.306401"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.306401"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.558414"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-HG9X-54VV-QQ44
Vulnerability from github – Published: 2025-09-10 21:30 – Updated: 2025-09-10 21:30A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-10209"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-10T19:15:40Z",
"severity": "MODERATE"
},
"details": "A security flaw has been discovered in Papermerge DMS up to 3.5.3. This issue affects some unknown processing of the component Authorization Token Handler. Performing manipulation results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-hg9x-54vv-qq44",
"modified": "2025-09-10T21:30:19Z",
"published": "2025-09-10T21:30:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10209"
},
{
"type": "WEB",
"url": "https://docs.google.com/document/d/19j0mCR-QOuhlxAJMir00Z8_MZdydVdmE_Ak09ra2NHw/edit?tab=t.0"
},
{
"type": "WEB",
"url": "https://docs.google.com/document/d/19j0mCR-QOuhlxAJMir00Z8_MZdydVdmE_Ak09ra2NHw/edit?usp=sharing"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.323482"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.323482"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.639750"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-HGP6-2X4P-6V2C
Vulnerability from github – Published: 2025-03-20 18:30 – Updated: 2025-03-20 18:30A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been classified as problematic. This affects an unknown part of the file /goform/formSetPortTr. The manipulation leads to improper access controls. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
{
"affected": [],
"aliases": [
"CVE-2025-2551"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-20T17:15:39Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been classified as problematic. This affects an unknown part of the file /goform/formSetPortTr. The manipulation leads to improper access controls. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.",
"id": "GHSA-hgp6-2x4p-6v2c",
"modified": "2025-03-20T18:30:31Z",
"published": "2025-03-20T18:30:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2551"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formSetPortTr-1b153a41781f809d95c8e39c6c31c348?pvs=4"
},
{
"type": "WEB",
"url": "https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formSetPortTr-1b053a41781f8000a9ded17aa2f587cc?pvs=4"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.300165"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.300165"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.516793"
},
{
"type": "WEB",
"url": "https://www.dlink.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-HGR9-G45R-GR3R
Vulnerability from github – Published: 2025-08-09 18:30 – Updated: 2025-08-09 18:30A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-8758"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-09T16:15:26Z",
"severity": "HIGH"
},
"details": "A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-hgr9-g45r-gr3r",
"modified": "2025-08-09T18:30:26Z",
"published": "2025-08-09T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8758"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.319263"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.319263"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.624299"
},
{
"type": "WEB",
"url": "https://www.notion.so/23e54a1113e78009adc9d909b254812b"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.