Lucene search
407 matches found

NVD
added 2026/06/12 4:17 a.m. | 11 views

CVE-2026-47366

Improper verification of access permissions when modifying permissions through the Administration Control Panel (ACP) allowed an authenticated administrator to grant permissions beyond the level authorized for their account, resulting in privilege escalation within the administrative interface...

CVSS: 7.2 | EPSS: 0.00299
Exploits: 0 | References: 1

Positive Technologies
added 2026/06/12 12:0 a.m. | 12 views

PT-2026-48820

Improper verification of access permissions when modifying permissions through the Administration Control Panel (ACP) allowed an authenticated administrator to grant permissions beyond the level authorized for their account, resulting in privilege escalation within the administrative interface...

CVSS: 7.2 | AI score: 7.1 | EPSS: 0.00299
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/05 8:35 p.m. | 5 views

CVE-2026-41950

Dify before version 1.14.0 contains an authorization bypass vulnerability that allows authenticated users to read the full contents of files uploaded by other users within the same tenant by supplying an arbitrary file UUID in the files array of a chat-messages request. Attackers can exploit...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.00334
Exploits: 1 | References: 4

CNNVD
added 2026/04/15 12:0 a.m. | 7 views

Lenovo Software Fix Security Vulnerability

Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification during the installation process. This vulnerability may allow locally authenticated users to execute write...

CVSS: 6.6 | AI score: 5.9 | EPSS: 0.00116
Exploits: 0 | References: 1

CNNVD
added 2026/04/15 12:0 a.m. | 10 views

AVEVA Pipeline Simulation Security Vulnerability

AVEVA Pipeline Simulation is a pipeline simulation software developed by AVEVA, a British company. AVEVA Pipeline Simulation has a security vulnerability. This vulnerability stems from improper permission verification, which may allow unverified attackers to perform privileged operations, resulti...

CVSS: 9.3 | AI score: 5.8 | EPSS: 0.00388
Exploits: 0 | References: 1

CNNVD
added 2026/04/15 12:0 a.m. | 9 views

Lenovo Software Fix Security Vulnerability

Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification during the installation process. This vulnerability may allow locally authenticated users to execute code with...

CVSS: 7.3 | AI score: 6 | EPSS: 0.00114
Exploits: 0 | References: 1

Snyk
added 2026/03/17 10:49 a.m. | 5 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization due to insufficient verification of user permissions in the redirects process. An attacker can gain unauthorized access to redirect records by editing a page without proper access controls. Remediation: Upgrade...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00162
Exploits: 0 | References: 2

CNNVD
added 2026/03/04 12:0 a.m. | 7 views

Craft CMS Security Vulnerability

Craft CMS is an open-source content management system developed by Craft CMS. Versions prior to Craft CMS 5.9.0-beta.1 and 4.17.0-beta.1 contained security vulnerabilities. These vulnerabilities stemmed from a lack of permission verification during repeated entry operations, which could allow...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00234
Exploits: 1 | References: 3

OSV
added 2026/01/14 3:15 a.m. | 4 views

CVE-2025-68959

Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00085
Exploits: 0 | References: 3

CVE
added 2026/01/14 2:35 a.m. | 11 views

CVE-2025-68970

Technical details (affected products, versions, exploit vectors, and fixes) are not publicly provided in the supplied documents. Monitor for forthcoming updates from vendors and security advisories.

CVSS: 6.1 | AI score: 6.6 | EPSS: 0.00078
Exploits: 0 | References: 3 | Affected Software: 2

Positive Technologies
added 2026/01/14 12:0 a.m. | 4 views

PT-2026-2575

Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVSS: 6.1 | AI score: 7 | EPSS: 0.00078
Exploits: 0 | References: 4

RedhatCVE
added 2026/01/09 12:36 p.m. | 5 views

CVE-2023-49247

Permission verification vulnerability in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.0042
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 12:33 p.m. | 5 views

CVE-2023-31226

The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality...

CVSS: 7.5 | AI score: 7 | EPSS: 0.00373
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:20 a.m. | 7 views

CVE-2021-22490

There is a permission verification vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect the device performance...

CVSS: 5.3 | AI score: 6.8 | EPSS: 0.00611
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:59 a.m. | 4 views

CVE-2023-50253

Laf is a cloud development platform. In the Laf version design, the log uses communication with k8s to quickly retrieve logs from the container without the need for additional storage. However, in version 1.0.0-beta.13 and prior, this interface does not verify the permissions of the pod, which...

CVSS: 9.6 | AI score: 6.2 | EPSS: 0.00741
Exploits: 1 | References: 1

RedhatCVE
added 2025/11/08 12:55 a.m. | 11 views

CVE-2025-63691

In pig-mesh Pig version 3.8.2 and below, within the Token Management function under the System Management module, the token query interface /api/admin/sys-token/page has an improper permission verification issue, which leads to information leakage. This interface can be called by any user who...

CVSS: 9.6 | AI score: 6.7 | EPSS: 0.00331
Exploits: 1 | References: 1

Cvelist
added 2025/10/11 3:45 a.m. | 4 views

CVE-2025-58277

Permission verification bypass vulnerability in the Camera app. Successful exploitation of this vulnerability may affect service confidentiality...

CVSS: 4 | EPSS: 0.00084
Exploits: 0 | References: 1

EUVD
added 2025/10/08 12:0 a.m. | 5 views

EUVD-2025-33286

An issue in the permission verification module and organization/application editing interface in Casdoor before 2.26.0 allows remote authenticated administrators of any organization within the system to bypass the system's permission verification mechanism by directly concatenating URLs after log...

CVSS: 7.2 | AI score: 6.3 | EPSS: 0.00599
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-27234

Malware in sbrugna...

CVSS: 8.8 | AI score: 8.7 | EPSS: 0.0032
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2016-10267

Malware in sbrugna...

CVSS: 4.3 | AI score: 4.7 | EPSS: 0.02
Exploits: 1 | References: 10