Vulnerabilities > Incorrect Privilege Assignment

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-13	CVE-2025-40571	A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4.0.0), Mendix OIDC SSO (Mendix 9 compatible) (All versions). network high complexity CWE-266	2.2
2025-05-06	CVE-2025-2898	IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations. network high complexity CWE-266	7.5
2025-05-06	CVE-2025-4374	A flaw was found in Quay. network low complexity CWE-266	6.5
2025-05-05	CVE-2025-4269	Incorrect Privilege Assignment vulnerability in Totolink A720R Firmware 4.1.5Cu.374 A vulnerability was found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. network low complexity totolink CWE-266	5.3
2025-04-30	CVE-2025-4136	A vulnerability was found in Weitong Mall 1.0.0. network low complexity CWE-266	5.4
2025-04-30	CVE-2025-4118	A vulnerability classified as critical has been found in Weitong Mall 1.0.0. network low complexity CWE-266	5.3
2025-04-30	CVE-2025-4119	A vulnerability classified as critical was found in Weitong Mall 1.0.0. network low complexity CWE-266	5.3
2025-04-29	CVE-2025-4065	Incorrect Privilege Assignment vulnerability in Scriptandtools Online Traveling System 1.0 A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. network low complexity scriptandtools CWE-266	7.5
2025-04-29	CVE-2025-4066	Incorrect Privilege Assignment vulnerability in Scriptandtools Online Traveling System 1.0 A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. network low complexity scriptandtools CWE-266 critical	9.8
2025-04-29	CVE-2025-4067	Incorrect Privilege Assignment vulnerability in Scriptandtools Online Traveling System 1.0 A vulnerability classified as critical has been found in ScriptAndTools Online-Travling-System 1.0. network low complexity scriptandtools CWE-266	5.3