Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVEs (5,077)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-23496 1Pimcore 1Web2print Tools Jan 30, 2026 Jan 15, 2026 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for mana...Show more Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an authenticated backend user without explicitely lacking permissions for this feature was still able to successfully invoke the endpoint and modify or retrieve these configurations. This vulnerability is fixed in 5.2.2 and 6.1.1.Show less
CVE-2026-23495 1Pimcore 1Admin Classic Bundle Jan 30, 2026 Jan 15, 2026 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Prior to 2.2.3 and 1.7.16, the API endpoint for listing Predefined Properties in the Pimcore platform lacks adequate server-side authorization checks. Pre...Show more Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. Prior to 2.2.3 and 1.7.16, the API endpoint for listing Predefined Properties in the Pimcore platform lacks adequate server-side authorization checks. Predefined Properties are configurable metadata definitions (e.g., name, key, type, default value) used across documents, assets, and objects to standardize custom attributes and improve editorial workflows, as documented in Pimcore's official properties guide. Testing confirmed that an authenticated backend user without explicit permissions for property management could successfully call the endpoint and retrieve the complete list of these configurations. The vulnerability is fixed in 2.2.3 and 1.7.16.Show less
CVE-2026-23494 1Pimcore 1Pimcore Jan 20, 2026 Jan 15, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for reading or listin...Show more Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for reading or listing static routes. In Pimcore, static routes are custom URL patterns defined via the backend interface or the var/config/staticroutes.php file, including details like regex-based patterns, controllers, variables, and priorities. These routes are registered automatically through the PimcoreStaticRoutesBundle and integrated into the MVC routing system. Testing revealed that an authenticated backend user lacking explicit permissions was able to invoke the endpoint (e.g., GET /api/static-routes) and retrieve sensitive route configurations. This vulnerability is fixed in 12.3.1 and 11.5.14.Show less
CVE-2025-64516 1Glpi Project 1Glpi Jan 21, 2026 Jan 15, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 GLPI is a free asset and IT management software package. Prior to 10.0.21 and 11.0.3, an unauthorized user can access GLPI documents attached to any item (ticket, asset, ...). If the public FAQ is enabled, this unauthori...Show more GLPI is a free asset and IT management software package. Prior to 10.0.21 and 11.0.3, an unauthorized user can access GLPI documents attached to any item (ticket, asset, ...). If the public FAQ is enabled, this unauthorized access can be performed by an anonymous user. This vulnerability is fixed in 10.0.21 and 11.0.3.Show less
CVE-2025-61973 - - Jan 16, 2026 Jan 15, 2026 N/A· v4 8.8 HIGH· v3 N/A· v2 A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unin...Show more A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges.Show less
CVE-2026-22909 1Sick 1Tdc X401gl Firmware Jan 23, 2026 Jan 15, 2026 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Certain system functions may be accessed without proper authorization, allowing attackers to start, stop, or delete installed applications, potentially disrupting system operations.
CVE-2026-21889 1Weblate 1Weblate Jan 23, 2026 Jan 14, 2026 2.3 LOW· v4 7.5 HIGH· v3 N/A· v2 Weblate is a web based localization tool. Prior to 5.15.2, the screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after...Show more Weblate is a web based localization tool. Prior to 5.15.2, the screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. This vulnerability is fixed in 5.15.2.Show less
CVE-2025-14338 - - Jan 14, 2026 Jan 14, 2026 8.5 HIGH· v4 N/A· v3 N/A· v2 Polkit authentication dis isabled by default and a race condition in the Polkit authorization check in versions before v0.69.0 can lead to the same issues as in CVE-2025-66005.
CVE-2025-68949 1N8n 1N8n Jan 16, 2026 Jan 13, 2026 N/A· v4 5.3 MEDIUM· v3 N/A· v2 n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming reque...Show more n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured whitelist entry as a substring. This issue affected instances where workflow editors relied on IP-based access controls to restrict webhook access. Both IPv4 and IPv6 addresses were impacted. An attacker with a non-whitelisted IP could bypass restrictions if their IP shared a partial prefix with a trusted address, undermining the intended security boundary. This vulnerability is fixed in 2.2.0.Show less
CVE-2026-20949 1Microsoft 2365 Apps Office Long Term Servicing Channel Jan 16, 2026 Jan 13, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-20929 1Microsoft 11Windows 10 1607 Windows 10 1809Windows 10 21h2+8 more Jan 16, 2026 Jan 13, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.
CVE-2026-20843 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more Jan 15, 2026 Jan 13, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.
CVE-2026-20839 1Microsoft 14Windows 10 1607 Windows 10 1809Windows 10 21h2+11 more Jan 15, 2026 Jan 13, 2026 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to disclose information locally.
CVE-2026-20825 1Microsoft 10Windows 10 1809 Windows 10 21h2Windows 10 22h2+7 more Jan 15, 2026 Jan 13, 2026 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Improper access control in Windows Hyper-V allows an authorized attacker to disclose information locally.
CVE-2026-0386 1Microsoft 7Windows Server 2008 Windows Server 2012Windows Server 2016+4 more Jan 14, 2026 Jan 13, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.
CVE-2026-0881 1Mozilla 2Firefox Thunderbird Apr 13, 2026 Jan 13, 2026 N/A· v4 10.0 CRITICAL· v3 N/A· v2 Sandbox escape in the Messaging System component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.
CVE-2026-22033 1Humansignal 1Label Studio Jan 27, 2026 Jan 12, 2026 8.6 HIGH· v4 5.4 MEDIUM· v3 N/A· v2 Label Studio is a multi-type data labeling and annotation tool. In 1.22.0 and earlier, a persistent stored cross-site scripting (XSS) vulnerability exists in the custom_hotkeys functionality of the application. An authen...Show more Label Studio is a multi-type data labeling and annotation tool. In 1.22.0 and earlier, a persistent stored cross-site scripting (XSS) vulnerability exists in the custom_hotkeys functionality of the application. An authenticated attacker (or one who can trick a user/administrator into updating their custom_hotkeys) can inject JavaScript code that executes in other users’ browsers when those users load any page using the templates/base.html template. Because the application exposes an API token endpoint (/api/current-user/token) to the browser and lacks robust CSRF protection on some API endpoints, the injected script may fetch the victim’s API token or call token reset endpoints — enabling full account takeover and unauthorized API access.Show less
CVE-2025-15503 1Sangfor 1Operation And Maintenance Security Management System Apr 29, 2026 Jan 10, 2026 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to 3.0.8. The impacted element is an unknown function of the file /fort/trust/version/common/common.jsp. Performing a manipula...Show more A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to 3.0.8. The impacted element is an unknown function of the file /fort/trust/version/common/common.jsp. Performing a manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2026-22605 1Openproject 1Openproject Jan 14, 2026 Jan 10, 2026 N/A· v4 4.3 MEDIUM· v3 N/A· v2 OpenProject is an open-source, web-based project management software. OpenProject versions prior to version 16.6.3, allowed users with the View Meetings permission on any project, to access meeting details of meetings th...Show more OpenProject is an open-source, web-based project management software. OpenProject versions prior to version 16.6.3, allowed users with the View Meetings permission on any project, to access meeting details of meetings that belonged to projects, the user does not have access to. This issue has been patched in version 16.6.3.Show less
CVE-2025-46299 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jan 9, 2026 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously cr...Show more A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app.Show less

Previous 1...383940...254 Next