CVEs classified under CWE-278, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2026-6265 — CVSS 8.8 (high): Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been…
CVE-2024-36538 — CVSS 8.8 (high): Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service…
CVE-2024-37769 — CVSS 8.8 (high): Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request.
CVE-2025-2947 — CVSS 7.2 (high): IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the…
CVE-2024-38531 — CVSS 3.6 (low): Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has…