Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource through improper handling of caveat structures containing nested lists in the caching process. An attacker can gain unauthorized access to protected resources by crafting requests th...

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource through improper handling of caveat structures containing nested lists in the caching process. An attacker can gain unauthorized access to protected resources by crafting requests th...

CVE-2026-6499

Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5...

Multiple vulnerabilities in ServerView Agents for Windows

Overview ServerView Agents for Windows provided by Fsas Technologies Inc. is server management software. ServerView Agents for Windows contains multiple vulnerabilities listed below. Incorrect permission assignment for critical resource CWE-732 - CVE-2026-27788 Privilege chaining CWE-268 -...

CVE-2026-45316

Summary (Open WebUI CVE-2026-45316): A permission check bug in the POST /api/v1/notes/{id}/pin endpoint allows read-only users to toggle a note’s is_pinned state because it checks read permission instead of write. The issue occurs in Open WebUI prior to 0.9.3 and is fixed in 0.9.3. The vulnerabil...

CVE-2026-6499

Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5...

CVE-2026-6499

Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5...

CVE-2026-6499

CVE-2026-6499 affects OpenConcerto 1.7.5. The issue is described as an Incorrect Permission Assignment for Critical Resource vulnerability that could allow Replace Binaries. CVSS v4.0 metrics: AV:L, AC:L, PR:L, UI:P, S:U, C:N/I:N/A:N with VU: none/low; base score 2.4 (LOW). Exploitation status is...

CVE-2026-1880

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows t...

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the Correlations feature due to a backward compatibility condition that allows records with orgid=0 to be accessed across organizations. An attacker with datasource management...

CVE-2026-28264

Dell PowerProtect Agent Service (versions prior to 20.1) is affected by an Incorrect Permission Assignment for Critical Resource vulnerability. A low-privileged attacker with local access could trigger information exposure. Affected component: Dell PowerProtect Agent Service. Root cause: incorrec...

EUVD-2026-20449

Dell PowerProtect Agent Service, versions prior to 20.1, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure...

Incorrect Permission Assignment for Critical Resource

Overview anthropic is a The official Python library for the anthropic API Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the local filesystem memory tool due to files being created with overly permissive permissions. An attacker can...

EUVD-2026-17873

Dell AppSync, versions 4.6.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-22768

Dell AppSync, versions 4.6.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-22768

Dell AppSync, versions 4.6.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-22768

Dell AppSync, version 4.6.0, contains an Incorrect Permission Assignment for a Critical Resource vulnerability. A low-privileged attacker with local access could exploit this to achieve Elevation of Privileges. CVSS v3.1 indicates Local attack vector, Low attack complexity, Privileges Required: L...

CVE-2026-22768

Dell AppSync, versions 4.6.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

PT-2026-31294

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Agent Service versions prior to 20.1 Description The Dell PowerProtect Agent Service contains an Incorrect Permission Assignment for Critical Resource issue. A low privileged attacker with local access could potentially explo...

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the /ui/dependencies endpoint, which returns the complete DAG dependency graph without verifying authorized DAG IDs. An attacker can gain unauthorized access to information about...