CWE-863: Incorrect Authorization — known CVE vulnerabilities
CVEs classified under CWE-863 (Incorrect Authorization), ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2026-48286 — CVSS 10.0 (critical): Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could…
CVE-2026-48303 — CVSS 10.0 (critical): Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could…
CVE-2026-44330 — CVSS 10.0 (critical): free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-pfdmanagement route group…
CVE-2026-46595 — CVSS 10.0 (critical): Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed…
CVE-2026-33105 — CVSS 10.0 (critical): Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-32213 — CVSS 10.0 (critical): Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network.
CVE-2023-4617 — CVSS 10.0 (critical): Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control…
CVE-2023-23924 — CVSS 10.0 (critical): Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `<image>` tags with…
CVE-2022-24783 — CVSS 10.0 (critical): Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an…
CVE-2022-21141 — CVSS 10.0 (critical): MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to…
CVE-2021-38503 — CVSS 10.0 (critical): The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing…
CVE-2021-37705 — CVSS 10.0 (critical): OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization…
CVE-2018-18815 — CVSS 10.0 (critical): The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO…
CVE-2026-34047 — CVSS 9.9 (critical): Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal…
CVE-2026-41283 — CVSS 9.9 (critical): OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code…
CVE-2026-43999 — CVSS 9.9 (critical): vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, NodeVM's builtin allowlist can be bypassed when the module builtin is…
CVE-2026-41050 — CVSS 9.9 (critical): Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a…
CVE-2026-43948 — CVSS 9.9 (critical): wger is a free, open-source workout and fitness manager. Prior to 2.6, the reset_user_password and gym_permissions_user_edit views in wger…
CVE-2026-33579 — CVSS 9.9 (critical): OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller…
CVE-2026-28466 — CVSS 9.9 (critical): OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in…
CVE-2026-27112 — CVSS 9.9 (critical): Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource…
CVE-2026-24740 — CVSS 9.9 (critical): Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s agent-backed shell endpoints allows a…
CVE-2025-29827 — CVSS 9.9 (critical): Improper authorization in Azure Automation allows an authorized attacker to elevate privileges over a network.
CVE-2025-21556 — CVSS 9.9 (critical): Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported…
CVE-2024-4447 — CVSS 9.9 (critical): In the System → Maintenance tool, the Logged Users tab surfaces sessionId data for all users via the Direct Web Remoting API…
CVE-2024-38369 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included…
CVE-2024-21010 — CVSS 9.9 (critical): Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server)…
CVE-2024-25108 — CVSS 9.9 (critical): Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked…
CVE-2023-20048 — CVSS 9.9 (critical): A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote…
CVE-2023-33190 — CVSS 9.9 (critical): Sealos is an open source cloud operating system distribution based on the Kubernetes kernel. In versions of Sealos prior to 4.2.1-rc4 an…
CVE-2023-35166 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to execute any wiki…
CVE-2023-32069 — CVSS 9.9 (critical): XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1, it's possible…
CVE-2022-29176 — CVSS 9.9 (critical): Rubygems is a package registry used to supply software for the Ruby language ecosystem. Due to a bug in the yank action, it was possible…
CVE-2021-26753 — CVSS 9.9 (critical): NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP…
CVE-2020-35948 — CVSS 9.9 (critical): An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability…
CVE-2020-3374 — CVSS 9.9 (critical): A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to…
CVE-2026-27780 — CVSS 9.8 (critical): Gitea versions before 1.26.0 do not fail closed on bufio.Scanner errors while processing pre-receive hook input, allowing oversized input…
CVE-2026-32966 — CVSS 9.8 (critical): DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue…
CVE-2026-3660 — CVSS 9.8 (critical): IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files…
CVE-2026-35490 — CVSS 9.8 (critical): changedetection.io is a free open source web page change detection tool. Prior to 0.54.8, the @login_optionally_required decorator is…
CVE-2026-28808 — CVSS 9.8 (critical): Incorrect Authorization vulnerability in Erlang OTP (inets modules) allows unauthenticated access to CGI scripts protected by directory…
CVE-2026-32924 — CVSS 9.8 (critical): OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction events with omitted chat_type are…
CVE-2026-32267 — CVSS 9.8 (critical): Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.6 and from version 5.0.0-RC1 to before…
CVE-2026-28229 — CVSS 9.8 (critical): Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to 4.0.2 and 3.7.11…
CVE-2026-30863 — CVSS 9.8 (critical): Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.10 and…
CVE-2026-28474 — CVSS 9.8 (critical): OpenClaw's Nextcloud Talk plugin versions prior to 2026.2.6 accept equality matching on the mutable actor.name display name field for…