Skip to main content

CWE-273

Improper Check for Dropped Privileges

22 CVEs Avg CVSS 8.3 MITRE
5
CRITICAL
15
HIGH
2
MEDIUM
0
LOW
4
POC
0
KEV

Monthly

CVE-2026-60085 HIGH PATCH This Week

Security-policy bypass in PraisonAI before 4.6.78 renders the default Subprocess Sandbox backend inert, so administrator-defined blocked_commands, blocked_paths, blocked_imports, allow_subprocess, and allow_file_write restrictions are silently ignored. Any actor able to feed instructions into a PraisonAI agent can execute arbitrary subprocess commands, read sensitive files, and perform destructive file operations even though an explicit deny policy is configured. Reported by VulnCheck with a CVSS 4.0 base score of 8.7; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Information Disclosure Praisonai
NVD GitHub
CVSS 4.0
8.7
CVE-2026-0099 HIGH This Week

Local privilege escalation in Google Android (versions 14, 15, 16, and 16-qpr2) allows a low-privileged local app to launch an arbitrary activity from the background by abusing a logic error in HostEmulationManager.onNullBinding(). Exploitation requires user interaction but no extra execution privileges, and no public exploit has been identified at time of analysis.

Privilege Escalation
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-44073 MEDIUM PATCH This Month

Privilege retention in Netatalk 1.5.0 through 4.4.2 results from auth modules silently ignoring failures of the seteuid() system call, allowing an authenticated network attacker to operate with unintended elevated privileges. When seteuid() fails-due to resource exhaustion, OS limits, or specific system configurations-the process continues execution under its original (higher) UID rather than the intended reduced privilege level, exposing file system objects or operations the user should not access. No public exploit code has been identified at time of analysis, and the issue is not listed in CISA KEV, but the vendor has confirmed the flaw and released a fix in version 4.5.0.

Information Disclosure Suse
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2026-32107 HIGH PATCH This Week

Privilege escalation to root in xrdp 0.10.5 and earlier allows authenticated local attackers to execute arbitrary code due to improper error handling during privilege drop in the session execution component. The flaw requires low attack complexity and no user interaction (CVSS 8.8, AV:L/AC:L/PR:L/UI:N). Vendor-released patch available in xrdp v0.10.6. No public exploit or active exploitation confirmed at time of analysis, though CVSS scope change (S:C) indicates potential container/VM escape scenarios.

RCE Suse
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-27396 HIGH This Week

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. [CVSS 8.8 HIGH]

Privilege Escalation Siemens
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-1003 HIGH This Week

A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation HP
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2024-8382 HIGH This Week

Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla Firefox Firefox Esr
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-25420 Maven HIGH POC PATCH This Week

An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Openfire
NVD GitHub
CVSS 3.1
7.2
EPSS
1.4%
CVE-2023-34322 HIGH This Week

For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-26239 MEDIUM This Month

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Watchguard Epp Firmware Edr Firmware Epdr Firmware +1
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVSS 8.7
HIGH PATCH This Week

Security-policy bypass in PraisonAI before 4.6.78 renders the default Subprocess Sandbox backend inert, so administrator-defined blocked_commands, blocked_paths, blocked_imports, allow_subprocess, and allow_file_write restrictions are silently ignored. Any actor able to feed instructions into a PraisonAI agent can execute arbitrary subprocess commands, read sensitive files, and perform destructive file operations even though an explicit deny policy is configured. Reported by VulnCheck with a CVSS 4.0 base score of 8.7; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Information Disclosure Praisonai
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Local privilege escalation in Google Android (versions 14, 15, 16, and 16-qpr2) allows a low-privileged local app to launch an arbitrary activity from the background by abusing a logic error in HostEmulationManager.onNullBinding(). Exploitation requires user interaction but no extra execution privileges, and no public exploit has been identified at time of analysis.

Privilege Escalation
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

Privilege retention in Netatalk 1.5.0 through 4.4.2 results from auth modules silently ignoring failures of the seteuid() system call, allowing an authenticated network attacker to operate with unintended elevated privileges. When seteuid() fails-due to resource exhaustion, OS limits, or specific system configurations-the process continues execution under its original (higher) UID rather than the intended reduced privilege level, exposing file system objects or operations the user should not access. No public exploit code has been identified at time of analysis, and the issue is not listed in CISA KEV, but the vendor has confirmed the flaw and released a fix in version 4.5.0.

Information Disclosure Suse
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege escalation to root in xrdp 0.10.5 and earlier allows authenticated local attackers to execute arbitrary code due to improper error handling during privilege drop in the session execution component. The flaw requires low attack complexity and no user interaction (CVSS 8.8, AV:L/AC:L/PR:L/UI:N). Vendor-released patch available in xrdp v0.10.6. No public exploit or active exploitation confirmed at time of analysis, though CVSS scope change (S:C) indicates potential container/VM escape scenarios.

RCE Suse
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0). Affected devices do not properly limit the elevation of privileges required to perform certain valid functionality. [CVSS 8.8 HIGH]

Privilege Escalation Siemens
NVD
EPSS 0% CVSS 8.5
HIGH This Week

A potential vulnerability has been identified in HP Anyware Agent for Linux which might allow for authentication bypass which may result in escalation of privilege. Rated high severity (CVSS 8.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation HP
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mozilla Firefox +1
NVD
EPSS 1% CVSS 7.2
HIGH POC PATCH This Week

An issue in Ignite Realtime Openfire before 4.8.1 allows a remote attacker to escalate privileges via the admin.authorizedJIDs system property component. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Openfire
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

For migration as well as to work around kernels unaware of L1TF (see XSA-273), PV guests may be run in shadow paging mode. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Xen
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Watchguard Epp Firmware +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy