Skip to main content

CWE-278

Insecure Preserved Inherited Permissions

6 CVEs Avg CVSS 7.2 MITRE
0
CRITICAL
5
HIGH
0
MEDIUM
1
LOW
2
POC
0
KEV

Monthly

CVE-2026-6265 HIGH This Week

Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been resolved in Cerberus FTP Server: 2026.1

Microsoft Privilege Escalation
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2025-2947 HIGH This Week

IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection IBM Privilege Escalation
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2024-36538 HIGH POC This Week

Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Chaos Mesh
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-37769 HIGH POC This Week

Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation 14Finger
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-38531 LOW Monitor

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. Rated low severity (CVSS 3.6). No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
3.6
EPSS
0.1%
CVE-2023-38497 Cargo HIGH PATCH This Week

Cargo downloads the Rust project’s dependencies and compiles the project. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Cargo Fedora
NVD GitHub
CVSS 3.1
7.3
EPSS
0.8%
EPSS 0% CVSS 7.3
HIGH This Week

Insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows Privilege Escalation.This issue has been resolved in Cerberus FTP Server: 2026.1

Microsoft Privilege Escalation
NVD
EPSS 0% CVSS 7.2
HIGH This Week

IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection IBM Privilege Escalation
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

Insecure permissions in chaos-mesh v2.6.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Chaos Mesh
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation 14Finger
NVD GitHub
EPSS 0% CVSS 3.6
LOW Monitor

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. Rated low severity (CVSS 3.6). No vendor patch available.

Information Disclosure
NVD GitHub
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Cargo downloads the Rust project’s dependencies and compiles the project. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Information Disclosure Cargo Fedora
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy