CWE-269 (Improper Privilege Management) — Vulnerability Class, 1004 CVEs

1004 vulnerabilities classified as CWE-269 (Improper Privilege Management). AI-generated analysis (in Chinese) is included for some entries.

CWE-269 is an access-control weakness in which software fails to properly assign, modify, track, or check the privileges of a user or process, so that the actor ends up with a sphere of control it was never meant to have. The usual root causes are visible in the list below: privileges that are raised for an operation and never dropped (an error path that skips the drop, or a seteuid() call whose result is not checked); a privilege level or role taken from untrusted input (a role field in a registration or profile form, a service account or API key minted with more rights than the caller holds); and authorization checks that are applied at some entry points but not at others. Whichever the cause, a standard user, or an unauthenticated caller, can act as an administrator: read data it should not see, modify the system, or take it over completely. The defence is least privilege enforced at every checkpoint: decide the role server-side instead of accepting it from the request, hold elevated privileges for the shortest possible window and verify that they were actually dropped, grant rights through roles rather than ad hoc flags, and audit permission assignments regularly so that each actor holds only what its task requires.
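The role-from-request pattern described above, as an added example that is not code from the CWE page or from any product listed on it: a self-registration handler that lets the request name its own role, beside a hardened handler that fixes the role server-side, copies other attributes only through an allowlist, and routes every later privilege change through one checked operation. User, register_vulnerable, register_hardened, change_role and the role names are hypothetical; the form dicts stand in for a parsed POST body.

```python
"""Added example, not code from the CWE page or from any product listed on it.
Shows the role-from-request pattern beside a hardened handler. User,
register_*, change_role and the role names are hypothetical; the form dicts
stand in for a parsed POST body."""
from dataclasses import dataclass, field

ROLE_SUBSCRIBER = "subscriber"
ROLE_EDITOR = "editor"
ROLE_ADMIN = "administrator"
KNOWN_ROLES = {ROLE_SUBSCRIBER, ROLE_EDITOR, ROLE_ADMIN}
PROFILE_FIELDS = {"display_name", "email"}   # the only attributes a caller may set


@dataclass
class User:
    username: str
    role: str = ROLE_SUBSCRIBER
    profile: dict = field(default_factory=dict)


def register_vulnerable(form: dict) -> User:
    """CWE-269: the privilege level is taken from untrusted input, so a
    signup request carrying role=administrator yields an administrator."""
    user = User(username=form["username"], role=form.get("role", ROLE_SUBSCRIBER))
    for key, value in form.items():
        if key not in ("username", "role"):
            user.profile[key] = value
    return user


def register_hardened(form: dict) -> User:
    """The server decides the role; the request cannot name one. Other
    attributes pass only through an allowlist, so nothing unexpected is
    mass-assigned either."""
    user = User(username=form["username"], role=ROLE_SUBSCRIBER)
    for key in form.keys() & PROFILE_FIELDS:
        user.profile[key] = form[key]
    return user


def change_role(actor: User, target: User, new_role: str) -> User:
    """Privilege changes go through one checked operation. The decision uses
    the actor's stored role, never a value from the request, and the new
    role must be one the system knows."""
    if actor.role != ROLE_ADMIN:
        raise PermissionError(f"{actor.username} may not change roles")
    if new_role not in KNOWN_ROLES:
        raise ValueError(f"unknown role {new_role!r}")
    target.role = new_role
    return target
```

The important design choice is in change_role: the check reads actor.role from the stored object that authentication produced, so the only way to become an administrator is for an existing administrator to grant it, and there is exactly one place to audit for that decision.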

MITRE CWE Description
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Common Consequences (1)
Scope: Access Control. Impact: Gain Privileges or Assume Identity.

Mitigations (3)
Phase: Architecture and Design; Operation. Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Phase: Architecture and Design. Follow the principle of least privilege when assigning access rights to entities in a software system.
Phase: Architecture and Design. Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
Examples (2)
This code temporarily raises the program's privileges to allow creation of a new user folder. If os.mkdir() raises, control jumps to the except block and lowerPrivileges() is never called, so the program keeps running with raised privileges.

    import os

    def makeNewUserDir(username):
        if invalidUsername(username):
            # avoid CWE-22 and CWE-78
            print('Usernames cannot contain invalid characters')
            return False
        try:
            raisePrivileges()
            os.mkdir('/home/' + username)
            # skipped whenever os.mkdir() raises OSError
            lowerPrivileges()
        except OSError:
            print('Unable to create new user directory for user:' + username)
            return False
        return True

Bad · Python

The following example demonstrates the weakness. Everything between the two calls runs as root; any early return on an error path never reaches the second call, and neither call's return value is checked, so a failed seteuid(getuid()) leaves the process running as root.

    seteuid(0);           /* raise to root; return value unchecked */
    /* do some stuff */   /* runs as root; an early return here skips the drop */
    seteuid(getuid());    /* drop; return value unchecked, failure goes unnoticed */

Bad · C
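The makeNewUserDir pattern above, as an added example that is not code from the CWE page: reimplemented so its failure mode can be observed, beside a hardened version that drops in a finally block and verifies both privilege transitions. A real seteuid(0) needs root, so Euid is a hypothetical stand-in with the same contract (set() may refuse, get() reports the current value); USERNAME_RE is an assumed username policy standing in for invalidUsername(); demo() drives both versions against a real temporary directory, using a missing parent directory to make mkdir raise.

```python
"""Added example, not code from the CWE page. The makeNewUserDir pattern
reimplemented so its failure mode is observable, beside a hardened version.
Euid is a hypothetical stand-in for seteuid()/geteuid() (a real seteuid(0)
needs root); USERNAME_RE is an assumed policy replacing invalidUsername()."""
import os
import re
import tempfile

USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")   # assumed; blocks CWE-22/78 input


class Euid:
    """Simulated effective UID. set() returns False instead of raising, like
    seteuid() returning -1, to show why its result must be checked."""

    def __init__(self, real_uid: int, fail_on=frozenset()):
        self.real = real_uid
        self.effective = real_uid
        self.fail_on = set(fail_on)      # uids the transition will refuse

    def set(self, uid: int) -> bool:
        if uid in self.fail_on:
            return False
        self.effective = uid
        return True

    def get(self) -> int:
        return self.effective


def make_user_dir_vulnerable(euid: Euid, home_root: str, username: str) -> bool:
    """The page's pattern: when mkdir raises, the drop is skipped and the
    process keeps running with effective UID 0."""
    if not USERNAME_RE.match(username):
        return False
    try:
        euid.set(0)
        os.mkdir(os.path.join(home_root, username))
        euid.set(euid.real)
    except OSError:
        return False
    return True


def make_user_dir_hardened(euid: Euid, home_root: str, username: str) -> bool:
    """Elevate for the smallest window, always drop (finally), and verify each
    transition instead of trusting the call. A failed drop aborts rather
    than letting the caller continue as root."""
    if not USERNAME_RE.match(username):
        return False
    if not euid.set(0) or euid.get() != 0:
        return False                      # could not elevate: touch nothing
    try:
        os.mkdir(os.path.join(home_root, username))
        return True
    except OSError:
        return False
    finally:
        if not euid.set(euid.real) or euid.get() != euid.real:
            raise RuntimeError("could not drop privileges, aborting")


def demo() -> dict:
    """Runs both versions against a real temporary directory; the 'missing'
    root makes mkdir raise so the exception path is exercised."""
    out = {}
    with tempfile.TemporaryDirectory() as home_root:
        missing = os.path.join(home_root, "no-such-parent")
        ok = Euid(1000)
        out["hardened_creates_dir"] = (make_user_dir_hardened(ok, home_root, "alice")
                                      and os.path.isdir(os.path.join(home_root, "alice")))
        out["hardened_euid_after_success"] = ok.get()
        v = Euid(1000)
        out["vulnerable_result"] = make_user_dir_vulnerable(v, missing, "bob")
        out["vulnerable_euid_after_failure"] = v.get()      # 0: still root
        h = Euid(1000)
        out["hardened_result"] = make_user_dir_hardened(h, missing, "bob")
        out["hardened_euid_after_failure"] = h.get()        # 1000: dropped
        out["rejects_traversal"] = make_user_dir_hardened(Euid(1000), home_root, "../etc")
        out["no_elevation"] = make_user_dir_hardened(Euid(1000, fail_on={0}), home_root, "carol")
        out["no_elevation_created_dir"] = os.path.isdir(os.path.join(home_root, "carol"))
        try:
            make_user_dir_hardened(Euid(1000, fail_on={1000}), home_root, "dave")
            out["aborts_on_failed_drop"] = False
        except RuntimeError:
            out["aborts_on_failed_drop"] = True
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Two points carry over to real seteuid() code: the drop belongs in a finally block so no exception path can skip it, and both the elevation and the drop must be checked (return value and a fresh geteuid()) because the C example's unchecked calls are exactly where a silent failure leaves the process running as root.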
| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-24894 | FrankenPHP leaks session data between requests in worker mode | frankenphp | 5.9 (AI) | Medium (AI) | 2026-02-12 |
| CVE-2026-26010 | Leaky JWTs in OpenMetadata exposing highly-privileged bot users | OpenMetadata | 8.1 (AI) | High (AI) | 2026-02-11 |
| CVE-2025-64487 | Outline is vulnerable to privilege escalation vulnerability in document sharing | outline | 7.6 | High | 2026-02-11 |
| CVE-2026-21533 | Windows Remote Desktop Services Elevation of Privilege Vulnerability | Windows 10 Version 1607 | 7.8 | High | 2026-02-10 |
| CVE-2025-15100 | JAY Login & Register <= 2.6.03 - Authenticated (Subscriber+) Privilege Escalation via jay_panel_ajax_update_profile | JAY Login & Register | 8.8 | High | 2026-02-08 |
| CVE-2025-15027 | JAY Login & Register <= 2.6.03 - Unauthenticated Privilege Escalation via jay_login_register_ajax_create_final_user | JAY Login & Register | 9.8 | Critical | 2026-02-08 |
| CVE-2025-6723 | Untrusted user data can lead to privilege escalation | Chef Inspec | 7.8 (AI) | High (AI) | 2026-01-30 |
| CVE-2025-13176 | Local privilege escalation in ESET Inspect Connector for Windows | ESET Inspect Connector | 7.8 (AI) | High (AI) | 2026-01-30 |
| CVE-2026-23896 | immich API Key Privilege Escalation vulnerability | immich | 7.2 | High | 2026-01-29 |
| CVE-2025-13918 | Elevation of Privileges in Symantec Endpoint Protection Windows Client | Symantec Endpoint Protection Windows Client | 6.7 | Medium | 2026-01-28 |
| CVE-2025-13917 | Elevation of Privileges in Web Security Services (WSS) Agent | Symantec Web Security Services Agent | 7.0 | High | 2026-01-28 |
| CVE-2026-22039 | Kyverno Cross-Namespace Privilege Escalation via Policy apiCall | kyverno | 10.0 | Critical | 2026-01-27 |
| CVE-2025-59094 | Local Privilege Escalation in dormakaba Kaba exos 9300 System management | Kaba exos 9300 | 7.8 (AI) | High (AI) | 2026-01-26 |
| CVE-2026-0920 | LA-Studio Element Kit for Elementor <= 1.5.6.3 - Unauthenticated Privilege Escalation via Backdoor to Administrative User Creation via lakit_bkrole parameter | LA-Studio Element Kit for Elementor | 9.8 | Critical | 2026-01-22 |
| CVE-2026-23990 | Flux Operator Web UI Impersonation Bypass via Empty OIDC Claims | flux-operator | 5.3 | Medium | 2026-01-21 |
| CVE-2025-14533 | Advanced Custom Fields: Extended <= 0.9.2.1 - Unauthenticated Privilege Escalation via Insert User Form Action | Advanced Custom Fields: Extended | 9.8 | Critical | 2026-01-20 |
| CVE-2025-15403 | RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | 9.8 | Critical | 2026-01-17 |
| CVE-2026-21223 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Microsoft Edge (Chromium-based) | 7.1 | High | 2026-01-16 |
| CVE-2026-23477 | Rocket.Chat Unauthorized Access to OAuth App Details | Rocket.Chat | 7.7 | High | 2026-01-14 |
| CVE-2025-36640 | Local Privilege Escalation | Nessus Agent | 8.8 | High | 2026-01-13 |
| CVE-2026-22804 | Termix has a Stored XSS in File Manager leading to Local File Inclusion (LFI) in Electron and Session Hijacking in Browser | Termix | 8.0 | High | 2026-01-12 |
| CVE-2025-14736 | Frontend Admin by DynamiApps <= 3.28.29 - Unauthenticated Privilege Escalation to Administrator via Role Form Field | Frontend Admin by DynamiApps | 9.8 | Critical | 2026-01-09 |
| CVE-2025-66315 | ZTE MF258K Pro Version Server has a Configuration Defect Vulnerability | MF258K | 4.3 | Medium | 2026-01-09 |
| CVE-2026-22043 | RustFS has IAM deny_only Short-Circuit that Allows Privilege Escalation via Service Account Minting | rustfs | 8.8 | - | 2026-01-08 |
| CVE-2026-22536 | PRIVILEGE ESCALATION VIA SUDO COMMAND | QC 60/90/120 | 7.8 | - | 2026-01-07 |
| CVE-2025-47411 | Apache StreamPipes: Leverage of User ID for Privilege Escalation | Apache StreamPipes | 8.8 | - | 2026-01-01 |
| CVE-2025-69257 | theshit vulnerable to unsafe loading of user-owned Python rules when running as root. | theshit | 6.7 | Medium | 2025-12-30 |
| CVE-2025-68697 | Self-hosted n8n has Legacy Code node that enables arbitrary file read/write | n8n | 7.1 | High | 2025-12-26 |
| CVE-2025-52599 | Inadequate account permissions management | QNV-C8012 | 8.1 | - | 2025-12-26 |
| CVE-2025-57840 | Privilege Bypass in ADB | Magic OS | 2.2 | Low | 2025-12-24 |

Scores and severities marked (AI) are AI-estimated rather than taken from the advisory; "-" means no severity was published.

Vulnerabilities classified as CWE-269 (Improper Privilege Management) total 1004 CVEs. The CWE taxonomy describes the weakness; review the individual CVEs for product-specific impact.