CVEs classified under CWE-271, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2024-0985 — CVSS 8.0 (high): Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as…
CVE-2023-22648 — CVSS 8.0 (high): A Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD not to be reflected to users while they…
CVE-2025-53819 — CVSS 7.9 (high): Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root)…
CVE-2025-23395 — CVSS 7.8 (high): Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows…
CVE-2022-3569 — CVSS 7.8 (high): Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in…
CVE-2026-35535 — CVSS 7.4 (high): In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the…
CVE-2024-35179 — CVSS 6.8 (medium): Stalwart Mail Server is an open-source mail server. Prior to version 0.8.0, when using `RUN_AS_USER`, the specified user (and therefore…
CVE-2026-25704: A Privilege Dropping / Lowering Errors/Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in cosmic-greeter can allow an…
CVE-2020-35513 — CVSS 4.9 (medium): A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the…