CWE-285: Improper Authorization — known CVE vulnerabilities
CVEs classified under CWE-285 (Improper Authorization), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2025-65041 — CVSS 10.0 (critical): Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.
CVE-2023-33189 — CVSS 10.0 (critical): Pomerium is an identity and context-aware access proxy. With specially crafted requests, incorrect authorization decisions may be made by…
CVE-2026-34048 — CVSS 9.9 (critical): Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal…
CVE-2026-5412 — CVSS 9.9 (critical): In Juju versions prior to 2.9.57 and 3.6.21, an authorization issue exists in the Controller facade. An authenticated user can call the…
CVE-2026-30956 — CVSS 9.9 (critical): OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, a low‑privileged user can bypass authorization and…
CVE-2025-49746 — CVSS 9.9 (critical): Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
CVE-2022-2661 — CVSS 9.9 (critical): Sequi PortBloque S has an improper authorization vulnerability, which may allow a low-privileged user to perform administrative functions…
CVE-2021-23140 — CVSS 9.9 (critical): Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modified by an unauthorised…
CVE-2020-16096 — CVSS 9.9 (critical): In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to…
CVE-2026-10580 — CVSS 9.8 (critical): The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover…
CVE-2026-30496 — CVSS 9.8 (critical): The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full…
CVE-2026-30702 — CVSS 9.8 (critical): The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mechanism in its web management interface…
CVE-2026-25893 — CVSS 9.8 (critical): FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.10, an authentication bypass vulnerability in FUXA…
CVE-2026-25809 — CVSS 9.8 (critical): PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not…
CVE-2023-53895 — CVSS 9.8 (critical): PimpMyLog 1.7.14 contains an improper access control vulnerability that allows remote attackers to create admin accounts without…
CVE-2025-58386 — CVSS 9.8 (critical): In Terminalfour 8 through 8.4.1.1, the userLevel parameter in the user management function is not subject to proper server-side…
CVE-2025-64063 — CVSS 9.8 (critical): Primakon Pi Portal 1.0.18 API endpoints fail to enforce sufficient authorization checks when processing requests. Specifically, a standard…
CVE-2025-31255 — CVSS 9.8 (critical): An authorization issue was addressed with improved state management. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS…
CVE-2025-7778 — CVSS 9.8 (critical): The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path…
CVE-2025-4631 — CVSS 9.8 (critical): The Profitori plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the stocktend_object endpoint…
CVE-2025-4104 — CVSS 9.8 (critical): The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the…
CVE-2025-3918 — CVSS 9.8 (critical): The Job Listings plugin for WordPress is vulnerable to Privilege Escalation due to improper authorization within the register_action()…
CVE-2025-30392 — CVSS 9.8 (critical): Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-29659 — CVSS 9.8 (critical): Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary.
CVE-2025-25196 — CVSS 9.8 (critical): OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA <…
CVE-2024-56323 — CVSS 9.8 (critical): OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 (Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to…
CVE-2024-36108 — CVSS 9.8 (critical): casgate is an Open Source Identity and Access Management system. In affected versions `casgate` allows remote unauthenticated attacker to…
CVE-2024-34257 — CVSS 9.8 (critical): TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in the apcliEncrypType parameter that allows unauthorized execution of…
CVE-2024-32881 — CVSS 9.8 (critical): Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack…
CVE-2022-3748 — CVSS 9.8 (critical): Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass. This issue affects Access…
CVE-2022-3229 — CVSS 9.8 (critical): Because the web management interface for Unified Intents' Unified Remote solution does not itself require authentication, a remote…
CVE-2022-24083 — CVSS 9.8 (critical): Password authentication bypass vulnerability for local accounts can be used to bypass local authentication checks.
CVE-2021-3044 — CVSS 9.8 (critical): An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to…
CVE-2019-7489 — CVSS 9.8 (critical): A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. This vulnerability…
CVE-2019-13550 — CVSS 9.8 (critical): In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information…
CVE-2018-14670 — CVSS 9.8 (critical): Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database.
CVE-2015-5463 — CVSS 9.8 (critical): AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote…
CVE-2015-3954 — CVSS 9.8 (critical): Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System…
CVE-2016-10734 — CVSS 9.8 (critical): ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.
CVE-2016-0922 — CVSS 9.8 (critical): EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which makes it easier for remote attackers to…
CVE-2016-6825 — CVSS 9.8 (critical): Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3 servers with software before…
CVE-2016-5799 — CVSS 9.8 (critical): Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do not properly restrict authentication…
CVE-2026-33823 — CVSS 9.6 (critical): Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.
CVE-2025-66301 — CVSS 9.6 (critical): Grav is a file-based Web platform. Prior to 1.8.0-beta.27, due to improper authorization checks when modifying critical fields on a POST…
CVE-2025-63691 — CVSS 9.6 (critical): In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System Management module, the token query…