CVE-2026-7778

CVE-2026-7778 affects the runZero Platform dashboard configuration exposure. The issue is due to improper privilege management (CWE-269), allowing a dashboard configuration to be viewed outside the authorized organization scope. The fixed version is v4.0.260416.0 of the runZero Platform. CVSS v3....

EUVD-2026-22174

During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...

EUVD-2026-21470

OpenClaw before 2026.3.22 fails to enforce controlScope restrictions on the send action, allowing leaf subagents to message controlled child sessions beyond their authorized scope. Attackers can exploit this by using the send action to communicate with child sessions without proper scope...

EUVD-2026-19703

An issue that could allow a credential to be updated and used for a task from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N 5.8 Medium. This...

CVE-2026-5381

CVE-2026-5381 concerns the runZero Platform where task information could be exposed outside the authorized organization scope due to an incorrect authorization (CWE-863). The issue carries a CVSS v3.1 base score of 2.2 (LOW), with vector AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N. The vulnerability is m...

CVE-2026-2698

An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope...

CVE-2026-2698 Improper Access Control

An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope...

CVE-2026-2698 Improper Access Control

An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope...

PT-2026-21528

Name of the Vulnerable Software and Affected Versions versions prior to 2026 Description An improper access control issue allows authenticated users to access areas outside of their authorized scope. Recommendations At the moment, there is no information about a newer version that contains a fix...

CVE-2025-36636

In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope...

[R1] Security Center Version 6.7.0 Fixes One Vulnerability

R1 Security Center Version 6.7.0 Fixes One Vulnerability Arnie Cabral Wed, 10/08/2025 - 10:29 In Tenable Security Center versions prior to 6.7.0, an improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope...