327 matches found
EUVD-2026-39335
Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...
CVE-2026-41566
Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...
EUVD-2026-35532
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
PT-2026-47868
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...
CVE-2026-21022
Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-21022
Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
PT-2026-40574
Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...
PYSEC-2026-147
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could still access the history report for the page, potentially resulting in disclosure of sensitive information. This vulnerability is fixed in 7.0.7...
Improper Handling of Insufficient Permissions or Privileges
Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via the API for documents and images. A user with access to the API can access filenames and names of items...
Improper Handling of Insufficient Permissions or Privileges
Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges when viewing page history. A user without edit permissions on a given page can access the history report fo...
Improper Handling of Insufficient Permissions or Privileges
Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via revision comparisons. An attacker can gain unauthorized access to sensitive information by supplying th...
EUVD-2026-22449
Improper handling of insufficient permissions or privileges in Windows Installer allows an authorized attacker to elevate privileges locally...
Apache OpenMeetings 安全漏洞
Apache OpenMeetings is a multilingual, customizable video conferencing and collaboration system developed by the Apache Foundation in the United States. This product supports audio and video capabilities, and allows users to view the desktops of each participant. Prior to Apache OpenMeetings 9.0....
CVE-2026-35479 InvenTree Plugin Installation - Insufficient Permissions
InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring "superuser" account access. This level of permission requirement is out of alignment with other plugin actions such as...
CVE-2026-35479 InvenTree Plugin Installation - Insufficient Permissions
InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring "superuser" account access. This level of permission requirement is out of alignment with other plugin actions such as...
Improper Handling of Insufficient Permissions or Privileges
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via the operator.write module reaching admin-class Talk Voice configuration persistence through chat.send. An attacker can gain...
Search Guard FLX 安全漏洞
Search Guard FLX is an encryption, authentication, and authorization system developed by the German company Search Guard. Versions 3.0.0 to 4.0.1 of Search Guard FLX contain security vulnerabilities, which stem from the possibility for users with insufficient permissions to perform certain...
CVE-2026-33572
OpenClaw is affected by CVE-2026-33572 prior to version 2026.2.17, where session transcript JSONL files are created with overly broad default permissions. This allows local attackers with access to read transcript contents and potentially extract sensitive information, including secrets from tool...
CVE-2026-29077
Frappe is a full-stack web application framework. Prior to versions 15.98.0 and 14.100.0, due to a lack of validation when sharing documents, a user could share a document with a permission that they themselves didn't have. This issue has been patched in versions 15.98.0 and 14.100.0...
ROS-20260224-73-0015
Vulnerability in moodle related to incorrect handling of insufficient permissions or privileges. Exploitation of the vulnerability may allow an attacker to escalate privileges...