
CWE-266 (Incorrect Privilege Assignment) — Vulnerability Class 382

382 vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment). AI-generated Chinese analysis included.

CWE-266 represents a critical access control weakness where software incorrectly assigns privileges to an actor, granting them an unintended sphere of control. This flaw typically arises from flawed logic in role-based or discretionary access control mechanisms, allowing users to perform actions beyond their authorized scope. Attackers exploit this by manipulating input parameters or session tokens to escalate privileges, effectively bypassing security boundaries to access sensitive data or execute administrative functions. To prevent such vulnerabilities, developers must implement robust, centralized authorization checks that verify permissions at every critical point of execution rather than relying on client-side validations. Adhering to the principle of least privilege ensures that actors receive only the minimum access necessary for their specific tasks. Rigorous code reviews and automated security testing further help identify incorrect privilege assignments before deployment, maintaining strict integrity over system resources.

MITRE CWE Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Common Consequences (1)
Access Control: Gain Privileges or Assume Identity
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Mitigations (2)
Architecture and Design, Operation: Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Architecture and Design, Operation: Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (2)
The following example demonstrates the weakness.

```c
#include <unistd.h>

/* Bad: the effective UID is raised to root for the whole block, so every
   operation inside "do some stuff" runs with more privilege than it needs,
   and neither seteuid() return value is checked before continuing. */
seteuid(0);
/* do some stuff */
seteuid(getuid());
```

Bad · C

The following example demonstrates the weakness.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;

// Bad: everything inside run() executes with the full privileges of the
// calling code's protection domain, regardless of who invoked it.
AccessController.doPrivileged(new PrivilegedAction() {
    public Object run() {
        // privileged code goes here, for example:
        System.loadLibrary("awt");
        return null; // nothing to return
    }
});
```

Bad · Java
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-0871 | Org.keycloak/keycloak-services: keycloak: unauthorized modification of unmanaged user attributes by administrators — Red Hat build of Keycloak 26.4 | 4.9 | Medium | 2026-02-27 |
| CVE-2025-33179 | NVIDIA Cumulus Linux and NVIDIA NVOS security vulnerability — Cumulus Linux GA | 8.0 | High | 2026-02-24 |
| CVE-2025-69378 | WordPress Product Filter for WooCommerce plugin <= 9.1.2 - Privilege Escalation vulnerability — Product Filter for WooCommerce | 7.2 | High | 2026-02-20 |
| CVE-2026-22267 | Dell PowerProtect Data Manager (PPDM) security vulnerability — PowerProtect Data Manager | 8.1 | High | 2026-02-19 |
| CVE-2026-22268 | Dell PowerProtect Data Manager (PPDM) security vulnerability — PowerProtect Data Manager | 6.3 | Medium | 2026-02-19 |
| CVE-2025-14282 | Dropbear: privilege escalation via unix domain socket forwardings — dropbear | 5.4 | Medium | 2026-02-12 |
| CVE-2025-14778 | Keycloak: incorrect ownership checks in /uma-policy/ — Red Hat build of Keycloak 26.2 | 5.4 | Medium | 2026-02-09 |
| CVE-2025-13881 | Org.keycloak.services.resources.admin: keycloak: limited administrator can retrieve sensitive user attributes via admin api — Red Hat build of Keycloak 26.4 | 2.7 | Low | 2026-02-02 |
| CVE-2025-69292 | WordPress WP Membership plugin <= 1.6.4 - Privilege Escalation vulnerability — WP Membership | 8.8 | High | 2026-01-22 |
| CVE-2025-69293 | WordPress Final User plugin <= 1.2.5 - Privilege Escalation vulnerability — Final User | 8.8 | High | 2026-01-22 |
| CVE-2025-69183 | WordPress Hospital Doctor Directory plugin <= 1.3.9 - Privilege Escalation vulnerability — Hospital Doctor Directory | 8.8 | High | 2026-01-22 |
| CVE-2025-69182 | WordPress Institutions Directory plugin <= 1.3.4 - Privilege Escalation vulnerability — Institutions Directory | 8.8 | High | 2026-01-22 |
| CVE-2025-68869 | WordPress LazyTasks plugin <= 1.2.37 - Privilege Escalation vulnerability — LazyTasks | 9.8 | Critical | 2026-01-22 |
| CVE-2025-68027 | WordPress Hydra Booking plugin <= 1.1.32 - Privilege Escalation vulnerability — Hydra Booking | 7.3 | High | 2026-01-22 |
| CVE-2025-67966 | WordPress Lawyer Directory plugin <= 1.3.3 - Privilege Escalation vulnerability — Lawyer Directory | 8.8 | High | 2026-01-22 |
| CVE-2025-67953 | WordPress Booking Activities plugin <= 1.16.44 - Privilege Escalation vulnerability — Booking Activities | 8.1 | High | 2026-01-22 |
| CVE-2025-50007 | WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability — xSmart | 8.8 | High | 2026-01-22 |
| CVE-2026-23800 | WordPress Modular DS plugin <= 2.5.2 - Privilege Escalation vulnerability — Modular DS | 10.0 | Critical | 2026-01-16 |
| CVE-2021-47799 | Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation — Visual Tools DVR VX16 | 6.2 | Medium | 2026-01-15 |
| CVE-2026-22916 | SICK TDC-X401GL security vulnerability — TDC-X401GL | 4.3 | Medium | 2026-01-15 |
| CVE-2026-22914 | SICK TDC-X401GL security vulnerability — TDC-X401GL | 4.3 | Medium | 2026-01-15 |
| CVE-2026-22908 | SICK TDC-X401GL security vulnerability — TDC-X401GL | 9.1 | Critical | 2026-01-15 |
| CVE-2026-22907 | SICK TDC-X401GL security vulnerability — TDC-X401GL | 9.9 | Critical | 2026-01-15 |
| CVE-2026-23550 | WordPress Modular DS plugin <= 2.5.1 - Privilege Escalation vulnerability — Modular DS | 10.0 | Critical | 2026-01-14 |
| CVE-2022-50927 | Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation — Cyclades Serial Console Server | 6.2 | Medium | 2026-01-13 |
| CVE-2026-20852 | Windows Hello Tampering Vulnerability — Windows 10 Version 1607 | 7.7 | High | 2026-01-13 |
| CVE-2026-20804 | Windows Hello Tampering Vulnerability — Windows 10 Version 1607 | 7.7 | High | 2026-01-13 |
| CVE-2025-31643 | WordPress WPCHURCH plugin <= 2.7.0 - Privilege Escalation Vulnerability — WPCHURCH | 8.8 | High | 2026-01-07 |
| CVE-2025-29004 | Privilege Escalation Vulnerability in AA-Team WordPress plugins — Premium Age Verification / Restriction for WordPress | 8.8 | High | 2026-01-06 |
| CVE-2019-25249 | devolo dLAN 500 AV Wireless+ 3.1.0-1 Remote Code Execution via htmlmgr — dLAN 550 duo+ Starter Kit | 9.8 | Critical | 2025-12-24 |

Vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment) represent 382 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.