
CWE-266 (Incorrect Privilege Assignment) — Vulnerability Class 395

395 vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment). AI-generated Chinese analysis included.

CWE-266 is an access control weakness in which software assigns a privilege to an actor incorrectly, giving that actor an unintended sphere of control. It typically arises from faulty logic in role-based or discretionary access control mechanisms, so that users can perform actions beyond their authorized scope. Attackers exploit it by manipulating input parameters or session tokens to escalate privileges, bypassing security boundaries to reach sensitive data or administrative functions. To prevent it, developers should implement robust, centralized authorization checks that verify permissions at every critical point of execution instead of relying on client-side validation. Following the principle of least privilege ensures that each actor receives only the minimum access its task requires. Rigorous code review and automated security testing help catch incorrect privilege assignments before deployment, keeping control over system resources strict.

MITRE CWE Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Common Consequences (1)
Scope: Access Control. Impact: Gain Privileges or Assume Identity.
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.

Mitigations (2)
Phase: Architecture and Design, Operation. Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Phase: Architecture and Design, Operation. Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (2)
The following example demonstrates the weakness: the process raises its effective UID to root for a block of work and only drops back afterwards, so anything that runs in between (or fails in between) executes with root privileges.

```c
#include <unistd.h>

seteuid(0);         /* raise effective UID to root */
/* do some stuff */
seteuid(getuid());  /* drop back to the real user's UID */
```

Bad · C
The following example demonstrates the weakness: the code inside doPrivileged runs with the caller's full privileges, so anything placed in that block bypasses the restrictions that apply to the rest of the call stack.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;

AccessController.doPrivileged(new PrivilegedAction() {
    public Object run() {
        // privileged code goes here, for example:
        System.loadLibrary("awt");
        return null; // nothing to return
    }
});
```

Bad · Java
| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-4228 | Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability | Cortex XDR Broker VM | 7.2 (AI) | High (AI) | 2025-06-12 |
| CVE-2025-4922 | Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job | Nomad | 8.1 | High | 2025-06-11 |
| CVE-2025-23974 | WordPress One-Login plugin <= 1.4 - Privilege Escalation Vulnerability | One-Login | 8.1 | High | 2025-06-09 |
| CVE-2025-47561 | WordPress MapSVG plugin < 8.6.13 - Privilege Escalation Vulnerability | MapSVG | 8.8 | High | 2025-06-09 |
| CVE-2025-48129 | WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Privilege Escalation Vulnerability | Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light | 9.8 | Critical | 2025-06-09 |
| CVE-2025-5791 | Users: `root` appended to group listings | | 7.1 | High | 2025-06-06 |
| CVE-2025-48911 | Huawei HarmonyOS security vulnerability | HarmonyOS | 8.2 | High | 2025-06-06 |
| CVE-2025-4493 | Devolutions Server security vulnerability | Server | 7.1 (AI) | High (AI) | 2025-05-28 |
| CVE-2025-31918 | WordPress Simple Business Directory Pro plugin < 15.6.9 - Privilege Escalation vulnerability | Simple Business Directory Pro | 9.8 | Critical | 2025-05-23 |
| CVE-2025-39489 | WordPress CouponXL theme <= 4.5.0 - Privilege Escalation Vulnerability | CouponXL | 9.8 | Critical | 2025-05-23 |
| CVE-2025-47539 | WordPress Eventin plugin <= 4.0.26 - Privilege Escalation Vulnerability | Eventin | 9.8 | Critical | 2025-05-23 |
| CVE-2025-47631 | WordPress Hospital Management System plugin <= 47.0(20-11-2023) - Privilege Escalation vulnerability | Hospital Management System | 8.8 | High | 2025-05-23 |
| CVE-2025-48741 | StrangeBee TheHive security vulnerability | TheHive | 6.5 (AI) | Medium (AI) | 2025-05-23 |
| CVE-2025-48695 | CyberDAVA security vulnerability | CyberDAVA | 6.4 | Medium | 2025-05-23 |
| CVE-2025-4692 | ABUP IoT Cloud Platform Incorrect Privilege Assignment | ABUP IoT Cloud Platform | 6.8 | Medium | 2025-05-22 |
| CVE-2025-47291 | containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods. | containerd | 7.7 (AI) | High (AI) | 2025-05-21 |
| CVE-2025-39366 | WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability | wProject | 8.8 | High | 2025-05-19 |
| CVE-2025-39405 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerability | WPAMS | 8.8 | High | 2025-05-19 |
| CVE-2025-39459 | WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability | Real Estate 7 | 7.3 | High | 2025-05-19 |
| CVE-2025-0135 | GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App | GlobalProtect App | 7.1 (AI) | High (AI) | 2025-05-14 |
| CVE-2025-0131 | GlobalProtect App: Incorrect Privilege Management Vulnerability in OPSWAT MetaDefender Endpoint Security SDK | MetaDefender Endpoint Security SDK | 7.0 (AI) | High (AI) | 2025-05-14 |
| CVE-2025-3744 | Nomad Vulnerable To Violation Of Mandatory Sentinel Policies in Nomad Job Submissions via Policy Override | Nomad Enterprise | 7.6 | High | 2025-05-13 |
| CVE-2025-40571 | Siemens Mendix OIDC SSO security vulnerability | Mendix OIDC SSO (Mendix 10.12 compatible) | 2.2 | Low | 2025-05-13 |
| CVE-2025-4374 | Quay: incorrect privilege assignment | quay | 6.5 | Medium | 2025-05-06 |
| CVE-2025-2898 | IBM Maximo Application Suite privilege escalation | Maximo Application Suite | 7.5 | High | 2025-05-06 |
| CVE-2025-3517 | Devolutions Server security vulnerability | Devolutions Server | 8.8 (AI) | High (AI) | 2025-05-01 |
| CVE-2025-27007 | WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability | OttoKit | 9.8 | Critical | 2025-05-01 |
| CVE-2025-2470 | Service Finder Bookings <= 5.1 - Unauthenticated Privilege Escalation via 'nsl_registration_store_extra_input' | Service Finder Bookings | 9.8 | Critical | 2025-04-25 |
| CVE-2025-32648 | WordPress Projectopia plugin <= 5.1.24 - Privilege Escalation vulnerability | Projectopia | 9.8 | Critical | 2025-04-17 |
| CVE-2025-39542 | WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability | Xelion Webchat | 8.8 | High | 2025-04-17 |

CVSS scores and severities marked (AI) were assigned by the site's AI analysis rather than taken from the published advisory.

Vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment) represent 395 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.