Skip to main content

Privilege Escalation

13302 CVEs technique

Monthly

CVE-2026-26224 Monitor

Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability.

macOS Golang Privilege Escalation Race Condition
NVD
EPSS
0.0%
CVE-2026-24894 Go HIGH POC PATCH This Week

FrankenPHP versions prior to 1.11.2 fail to properly isolate session data between worker requests, enabling cross-user session fixation where an attacker can read sensitive $_SESSION information intended for other users. This high-severity flaw affects multi-request worker mode deployments and has public exploit code available. A patched version 1.11.2 is available and should be deployed immediately.

Privilege Escalation Frankenphp Suse
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2019-25343 HIGH POC This Week

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification. [CVSS 7.8 HIGH]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-54519 HIGH This Week

A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. [CVSS 7.3 HIGH]

Privilege Escalation RCE
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-55210 HIGH PATCH This Week

Freepbx versions up to 17.0.5 contains a vulnerability that allows attackers to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX tha (CVSS 7.5).

MySQL Privilege Escalation Freepbx
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2007 HIGH PATCH This Week

Heap buffer overflow in the pg_trgm extension of PostgreSQL 18.0 and 18.1 allows authenticated database users to trigger memory corruption through specially crafted input strings. An attacker with database access could potentially achieve privilege escalation or cause service disruption, though exploit complexity is currently limited by restricted control over written data. No patch is currently available.

PostgreSQL Buffer Overflow Privilege Escalation Heap Overflow
NVD VulDB
CVSS 3.1
8.2
EPSS
0.1%
CVE-2026-25676 HIGH This Week

M-Track Duo HD version 1.0.0 installer is vulnerable to DLL hijacking due to improper library search path handling, enabling local attackers to execute arbitrary code with administrator privileges. An attacker with local access and user interaction can exploit this vulnerability by placing malicious DLLs in predictable locations to gain full system compromise. No patch is currently available for this high-severity vulnerability.

Privilege Escalation RCE
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-46310 MEDIUM This Month

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. [CVSS 6.0 MEDIUM]

Apple Privilege Escalation
NVD VulDB
CVSS 3.1
6.0
EPSS
0.0%
CVE-2024-50619 HIGH This Week

Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. [CVSS 8.8 HIGH]

Privilege Escalation Cipace
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-26158 HIGH PATCH CISA Act Now

D-Link products using BusyBox are vulnerable to privilege escalation through malicious tar archives containing unvalidated symlink or hardlink entries that extract files outside the intended directory. An attacker with local access can craft a specially crafted archive to modify critical system files when extraction occurs with elevated privileges, potentially gaining unauthorized system access. No patch is currently available for this vulnerability.

Privilege Escalation Authentication Bypass
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2025-64487 HIGH This Week

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. [CVSS 7.6 HIGH]

Privilege Escalation Outline
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-61969 Monitor

Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Privilege Escalation RCE
NVD
EPSS
0.0%
CVE-2025-52541 HIGH This Week

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. [CVSS 7.3 HIGH]

Privilege Escalation RCE
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-48503 HIGH This Week

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. [CVSS 7.8 HIGH]

Privilege Escalation RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-15096 HIGH This Week

The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access t...

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-29951 This Week

A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution.

Buffer Overflow Privilege Escalation RCE
NVD
EPSS
0.0%
CVE-2026-21533 HIGH POC KEV PATCH THREAT Act Now

Windows Remote Desktop contains an improper privilege management vulnerability (CVE-2026-21533, CVSS 7.8) enabling authorized local attackers to escalate to SYSTEM. KEV-listed, this vulnerability in the RDP subsystem is particularly concerning in environments where Remote Desktop is widely used, as it can be chained with RDP session access for complete system compromise.

Privilege Escalation Microsoft
NVD VulDB GitHub
CVSS 3.1
7.8
EPSS
2.7%
CVE-2025-36522 MEDIUM This Month

Incorrect default permissions for some Intel(R) Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with...

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-36511 MEDIUM This Month

Incorrect default permissions for some Intel(R) Memory and Storage Tool before version 2.5.2 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special i...

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-35999 MEDIUM This Month

Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result ...

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-35998 HIGH This Week

Privilege escalation in Intel QuickAssist Technology (QAT) on certain Intel platforms allows a system-software adversary already holding privileged (Ring 0 / kernel-level) access to read and corrupt kernel state via an unprotected alternate hardware interface. The flaw stems from a missing protection mechanism on a secondary hardware control path, yielding high confidentiality and integrity impact but no availability loss. There is no public exploit identified at time of analysis, EPSS is negligible (0.01%), and it is not listed in CISA KEV.

Privilege Escalation Intel
NVD VulDB
CVSS 4.0
7.0
EPSS
0.0%
CVE-2025-33030 LOW Monitor

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data corruption. [CVSS 3.3 LOW]

Privilege Escalation
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2025-32453 MEDIUM This Month

Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.0%
CVE-2025-32452 MEDIUM This Month

Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowl...

Privilege Escalation AI / ML
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-32092 MEDIUM This Month

Graphics Software versions up to 25.30.1702.0 contains a vulnerability that allows attackers to an escalation of privilege (CVSS 6.7).

Privilege Escalation Intel
NVD
CVSS 4.0
5.4
EPSS
0.0%
CVE-2025-31655 MEDIUM This Month

Incorrect default permissions for some Intel(R) Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-31648 LOW Monitor

Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. [CVSS 3.9 LOW]

Privilege Escalation
NVD VulDB
CVSS 3.1
3.9
EPSS
0.0%
CVE-2025-30513 HIGH This Week

Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. [CVSS 7.9 HIGH]

Privilege Escalation Race Condition
NVD VulDB
CVSS 3.1
7.9
EPSS
0.0%
CVE-2025-25210 HIGH This Week

Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. [CVSS 8.2 HIGH]

Privilege Escalation
NVD
CVSS 3.1
8.2
EPSS
0.0%
CVE-2025-22885 MEDIUM This Month

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. [CVSS 4.7 MEDIUM]

Privilege Escalation
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-22849 MEDIUM This Month

Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-22453 HIGH This Week

Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. [CVSS 7.5 HIGH]

Privilege Escalation
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-20106 MEDIUM This Month

Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access w...

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20070 MEDIUM This Month

Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-25655 HIGH This Week

Arbitrary code execution in Siemens SINEC NMS versions prior to V4.0 SP2 can be achieved when a low-privileged user modifies configuration files to load malicious DLLs, resulting in administrative privilege execution. This local vulnerability affects all current deployments and currently has no available patch. An authenticated attacker with local access can exploit this to gain full system compromise.

Privilege Escalation RCE Sinec Nms
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-11547 HIGH This Week

AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user. [CVSS 7.8 HIGH]

Privilege Escalation Camera Station Pro
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24312 MEDIUM This Month

SAP Business Workflow contains an authorization bypass that allows authenticated administrators to escalate privileges by misusing permissions from lower-sensitivity functions to perform unauthorized high-privilege operations. An attacker with admin credentials can exploit this flaw to compromise data integrity, though confidentiality and availability impacts are limited. No patch is currently available for this vulnerability.

SAP Privilege Escalation Sap Basis
NVD
CVSS 3.1
5.2
EPSS
0.0%
CVE-2026-23688 MEDIUM This Month

Insufficient authorization checks in SAP Fiori App Manage Service Entry Sheets allow authenticated users to escalate privileges and modify data they should not have access to. The vulnerability affects SAP S/4HANA Core installations and requires user authentication to exploit, limiting the immediate risk but potentially enabling insider threats or account compromise scenarios.

SAP Privilege Escalation S4core
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-0845 HIGH This Week

Unauthorized option modification in WCFM - Frontend Manager for WooCommerce up to version 6.7.24 allows authenticated Shop Manager-level users to bypass capability checks and alter arbitrary WordPress settings. An attacker with these privileges can exploit this to change the default registration role to administrator and enable user registration, gaining full admin access to the site. No patch is currently available for this vulnerability.

WordPress Privilege Escalation
NVD
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-15310 HIGH This Week

Endpoint Configuration Toolset Solution is affected by improper link resolution before file access (CVSS 7.8).

Privilege Escalation Endpoint Configuration Toolset Solution Patch Endpoint Tools
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25958 npm HIGH PATCH This Week

Privilege escalation in Cube.js versions 0.27.19 through 1.5.12 allows authenticated attackers to craft specially designed API requests that bypass access controls and gain elevated privileges within the application. This vulnerability affects Cube.js semantic layer deployments and requires only a valid API token to exploit, making it a risk to multi-tenant or role-based access control implementations. No patch is currently available for this HIGH severity issue.

Privilege Escalation Cube.Js
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-15319 HIGH This Week

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. [CVSS 7.8 HIGH]

Privilege Escalation Patch Endpoint Tools
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-15316 MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-15315 MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-25497 PHP HIGH PATCH This Week

Craft CMS versions 4.0.0-RC1 to 4.17.0 and 5.0 to 5.9.0 contain a privilege escalation vulnerability in the GraphQL API that allows authenticated users with write access to one asset volume to modify or transfer assets across any other volume, including restricted ones they should not access. The vulnerability stems from insufficient authorization validation in the saveAsset mutation, which verifies permissions against the intended volume but fails to confirm the target asset actually belongs to that volume. An attacker with limited asset write permissions can exploit this to gain unauthorized access to and manipulate sensitive assets in protected volumes.

Privilege Escalation Craft Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-14778 Maven MEDIUM PATCH This Month

A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). [CVSS 5.4 MEDIUM]

Privilege Escalation Red Hat
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-0870 HIGH This Week

GIGABYTE MacroHub improperly executes external applications with elevated privileges, enabling authenticated local users to achieve arbitrary code execution with SYSTEM-level access. This local privilege escalation affects MacroHub users on Windows systems and could allow attackers to fully compromise affected machines. No patch is currently available.

Privilege Escalation
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-15100 HIGH This Week

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jay_panel_ajax_update_profile' function. [CVSS 8.8 HIGH]

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-15027 CRITICAL Act Now

Privilege escalation in JAY Login & Register WordPress plugin allows unauthenticated attackers to register as administrators. All versions up to 1.1.6 affected.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2020-37160 MEDIUM POC This Month

SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. [CVSS 6.2 MEDIUM]

Windows Privilege Escalation
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-25725 npm CRITICAL PATCH Act Now

Claude Code prior to version 2.1.2 has a CVSS 10.0 sandbox escape in the bubblewrap sandboxing mechanism, allowing code execution outside the intended sandbox boundary.

Privilege Escalation Code Injection RCE Docker Linux +2
NVD GitHub VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2025-13818 MEDIUM This Month

Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent [CVSS 6.7 MEDIUM]

Privilege Escalation Management Agent
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-24924 MEDIUM This Month

Harmonyos versions up to 6.0.0 is affected by permissions, privileges, and access controls (CVSS 6.1).

Privilege Escalation Harmonyos
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-24920 MEDIUM This Month

Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.2 MEDIUM]

Privilege Escalation Emui Harmonyos
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-24931 MEDIUM This Month

Harmonyos versions up to 5.1.0 is affected by permissions, privileges, and access controls (CVSS 5.9).

Privilege Escalation Harmonyos
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-24923 MEDIUM This Month

Harmonyos versions up to 6.0.0 is affected by permissions, privileges, and access controls (CVSS 6.3).

Privilege Escalation Harmonyos
NVD
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-0106 CRITICAL Act Now

Missing bounds check in Android VPU (Video Processing Unit) driver's vpu_mmap allows arbitrary address memory mapping, potentially leading to local privilege escalation on Android devices.

Privilege Escalation Android Google
NVD
CVSS 3.1
9.3
EPSS
0.0%
CVE-2025-15343 MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Enforce. [CVSS 6.5 MEDIUM]

Privilege Escalation Enforce
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15341 MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Benchmark. [CVSS 6.5 MEDIUM]

Privilege Escalation Benchmark
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15340 MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Comply. [CVSS 6.5 MEDIUM]

Privilege Escalation Comply
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15339 MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Discover. [CVSS 6.5 MEDIUM]

Privilege Escalation Discover
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15338 MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Partner Integration. [CVSS 6.5 MEDIUM]

Privilege Escalation Partner Integration
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15337 MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Patch. [CVSS 6.5 MEDIUM]

Privilege Escalation Patch
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15336 MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Performance. [CVSS 6.5 MEDIUM]

Privilege Escalation Performance
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-15321 LOW Monitor

Tanium addressed an improper input validation vulnerability in Tanium Appliance. [CVSS 2.7 LOW]

Privilege Escalation Tanos
NVD
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-0715 MEDIUM This Month

Bootloader menu access in Moxa UC series industrial computers can be obtained by attackers with physical access using a device-unique password, potentially enabling temporary denial-of-service through firmware reflashing. The vulnerability is constrained by bootloader signature verification that prevents installation of unsigned firmware or arbitrary code execution. No patch is currently available for affected Linux and UC firmware versions.

Linux Privilege Escalation V1202 Ct T Firmware Uc 3424a T Lte Firmware V2406c Wl1 Ct T Firmware +32
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-68723 CRITICAL Act Now

Multiple stored XSS vulnerabilities in Axigen Mail Server before 10.5.57 WebAdmin interface allow authenticated administrators to inject persistent malicious scripts that execute in other admin sessions.

TLS XSS Privilege Escalation Axigen Mail Server
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%
CVE-2020-37129 CRITICAL POC Act Now

Insecure folder permissions in MEmu Play 7.1.3 Android emulator allow low-privileged users to modify application binaries, enabling privilege escalation to SYSTEM. PoC available.

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-1554 PHP MEDIUM PATCH This Month

Central Authentication System Server versions up to 2.0.3 contains a security vulnerability (CVSS 4.2).

Drupal Privilege Escalation Central Authentication System Server
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-0948 PHP MEDIUM PATCH This Month

The Microsoft Entra ID SSO Login module for Drupal before version 1.0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to escalate privileges through an alternate authentication channel. An attacker can exploit this flaw to gain unauthorized access with elevated permissions on affected Drupal installations. No patch is currently available, and the vulnerability has low exploit probability (EPSS 0.1%).

Drupal Privilege Escalation Authentication Bypass Microsoft Entra Id Sso Login
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-0945 PHP HIGH PATCH This Week

The Drupal Role Delegation module versions 1.3.0 through 1.5.0 contains an unsafe privilege definition vulnerability that permits authenticated users with delegation permissions to escalate their privileges within the application. An attacker with limited account access could exploit this flaw to gain elevated permissions and modify system settings or access restricted functionality. No patch is currently available for this vulnerability.

Privilege Escalation Role Delegation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-0662 HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when users open max files from maliciously crafted project directories that exploit an untrusted search path vulnerability. Local attackers can leverage this to execute arbitrary code with the privileges of the current user without requiring special permissions or interaction beyond opening a file. No patch is currently available for this high-severity vulnerability affecting 3ds Max users.

Privilege Escalation RCE 3ds Max
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22549 MEDIUM This Month

F5 BIG-IP Container Ingress Services contains an improper privilege management flaw that allows high-privileged users to read sensitive cluster secrets beyond their intended authorization scope. An authenticated attacker with elevated permissions could exploit this vulnerability to gain unauthorized access to confidential Kubernetes cluster data. No patch is currently available for this medium-severity issue.

Privilege Escalation Big Ip Container Ingress Services
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2026-25150 npm CRITICAL PATCH Act Now

Qwik JavaScript framework prior to 1.19.0 has a prototype pollution vulnerability that can lead to server-side code execution in SSR applications.

Denial Of Service Privilege Escalation Authentication Bypass Qwik
NVD GitHub
CVSS 3.1
9.3
EPSS
0.1%
CVE-2025-65078 Monitor

An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code.

Privilege Escalation RCE
NVD
EPSS
0.0%
CVE-2026-24149 HIGH This Week

Local code injection in NVIDIA Megatron-LM allows authenticated users to achieve arbitrary code execution and privilege escalation through malicious input to vulnerable scripts. An attacker with local access can craft specially designed data to trigger unsafe code evaluation, enabling complete system compromise including data theft and modification. No patch is currently available for this vulnerability affecting all supported platforms.

Privilege Escalation Code Injection Information Disclosure AI / ML
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-70559 PyPI MEDIUM PATCH This Month

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]

Python Privilege Escalation Deserialization RCE Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-69875 HIGH POC This Week

A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. [CVSS 7.8 HIGH]

Privilege Escalation Total Security
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-66374 HIGH This Week

Endpoint Privilege Manager versions up to 25.10.0 is affected by improper privilege management (CVSS 7.8).

Privilege Escalation Endpoint Privilege Manager
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-67856 PHP MEDIUM PATCH This Month

A flaw was found in Moodle. An authorization logic flaw, specifically due to incomplete role checks during the badge awarding process, allowed badges to be granted without proper verification. [CVSS 5.4 MEDIUM]

Moodle Privilege Escalation
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-24694 HIGH This Week

Arbitrary code execution in Roland Cloud Manager installer versions 3.1.19 and earlier results from insecure DLL loading, enabling local attackers to execute malicious code with application-level privileges. An attacker with local access and user interaction can exploit this vulnerability to compromise systems running the affected installer. No patch is currently available to remediate this vulnerability.

Privilege Escalation RCE
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-58379 MEDIUM This Month

Fabric Operating System versions up to 9.2.1 is affected by execution with unnecessary privileges (CVSS 5.5).

Privilege Escalation Fabric Operating System
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0924 HIGH This Week

BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2.

Race Condition Privilege Escalation Buhocleaner
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-24070 HIGH POC This Week

Native Access on macOS allows local authenticated attackers to inject malicious libraries into the privileged XPC helper process due to overly permissive code signing entitlements, enabling arbitrary code execution with system-level privileges. The vulnerability stems from the application being signed with dyld environment variable and library validation bypass entitlements while communicating with a trusted helper that validates only the signing certificate. Public exploit code exists, and no patch is currently available.

Privilege Escalation Apple
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20418 CRITICAL Act Now

Remote privilege escalation in Android Thread networking protocol implementation via out-of-bounds write. No additional execution privileges needed.

Privilege Escalation Matter
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-20417 MEDIUM This Month

Local privilege escalation in Android's PCIe driver stems from an out-of-bounds write vulnerability caused by insufficient bounds validation, allowing attackers with system-level privileges to escalate their access without user interaction. This medium-severity vulnerability (CVSS 5.3) affects Android devices and currently has no available patch. The CWE-787 vulnerability requires an attacker to already possess system privileges, limiting the immediate exploitation scope.

Privilege Escalation Android Google
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20414 MEDIUM This Month

Android's imgsys component contains a use-after-free vulnerability that allows privilege escalation when exploited by an attacker who already has system-level access. The flaw requires no user interaction and could enable a malicious actor to escalate their privileges further within the device. Currently, no patch is available to address this vulnerability.

Use After Free Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-20413 MEDIUM This Month

Android versions up to 15.0 contains a vulnerability that allows attackers to local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.7).

Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-20412 HIGH This Week

The Android cameraisp component contains an out-of-bounds write vulnerability due to insufficient bounds validation, enabling privilege escalation for attackers who have already gained system-level access. No user interaction is required for exploitation, and the vulnerability affects confidentiality, integrity, and availability of the device. No patch is currently available.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20411 HIGH This Week

A use-after-free vulnerability in Android's cameraisp component allows privilege escalation to local denial of service for attackers with system-level access, requiring no user interaction. The flaw enables malicious actors to manipulate memory safety boundaries and execute arbitrary actions within the camera service context. No patch is currently available for this vulnerability.

Use After Free Denial Of Service Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0%
Monitor

Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability.

macOS Golang Privilege Escalation +1
NVD
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

FrankenPHP versions prior to 1.11.2 fail to properly isolate session data between worker requests, enabling cross-user session fixation where an attacker can read sensitive $_SESSION information intended for other users. This high-severity flaw affects multi-request worker mode deployments and has public exploit code available. A patched version 1.11.2 is available and should be deployed immediately.

Privilege Escalation Frankenphp Suse
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification. [CVSS 7.8 HIGH]

Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 7.3
HIGH This Week

A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. [CVSS 7.3 HIGH]

Privilege Escalation RCE
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Freepbx versions up to 17.0.5 contains a vulnerability that allows attackers to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX tha (CVSS 7.5).

MySQL Privilege Escalation Freepbx
NVD GitHub
EPSS 0% CVSS 8.2
HIGH PATCH This Week

Heap buffer overflow in the pg_trgm extension of PostgreSQL 18.0 and 18.1 allows authenticated database users to trigger memory corruption through specially crafted input strings. An attacker with database access could potentially achieve privilege escalation or cause service disruption, though exploit complexity is currently limited by restricted control over written data. No patch is currently available.

PostgreSQL Buffer Overflow Privilege Escalation +1
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

M-Track Duo HD version 1.0.0 installer is vulnerable to DLL hijacking due to improper library search path handling, enabling local attackers to execute arbitrary code with administrator privileges. An attacker with local access and user interaction can exploit this vulnerability by placing malicious DLLs in predictable locations to gain full system compromise. No patch is currently available for this high-severity vulnerability.

Privilege Escalation RCE
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. [CVSS 6.0 MEDIUM]

Apple Privilege Escalation
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. [CVSS 8.8 HIGH]

Privilege Escalation Cipace
NVD
EPSS 0% CVSS 7.0
HIGH PATCH Act Now

D-Link products using BusyBox are vulnerable to privilege escalation through malicious tar archives containing unvalidated symlink or hardlink entries that extract files outside the intended directory. An attacker with local access can craft a specially crafted archive to modify critical system files when extraction occurs with elevated privileges, potentially gaining unauthorized system access. No patch is currently available for this vulnerability.

Privilege Escalation Authentication Bypass
NVD VulDB
EPSS 0% CVSS 7.6
HIGH This Week

Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in the Outline document management system due to inconsistent authorization checks between user and group membership management endpoints. [CVSS 7.6 HIGH]

Privilege Escalation Outline
NVD GitHub
EPSS 0%
Monitor

Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

Privilege Escalation RCE
NVD
EPSS 0% CVSS 7.3
HIGH This Week

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. [CVSS 7.3 HIGH]

Privilege Escalation RCE
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. [CVSS 7.8 HIGH]

Privilege Escalation RCE
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The 'Videospirecore Theme Plugin' plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.6. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access t...

WordPress Privilege Escalation PHP
NVD
EPSS 0%
This Week

A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution.

Buffer Overflow Privilege Escalation RCE
NVD
EPSS 3% CVSS 7.8
HIGH POC KEV PATCH THREAT Act Now

Windows Remote Desktop contains an improper privilege management vulnerability (CVE-2026-21533, CVSS 7.8) enabling authorized local attackers to escalate to SYSTEM. KEV-listed, this vulnerability in the RDP subsystem is particularly concerning in environments where Remote Desktop is widely used, as it can be chained with RDP session access for complete system compromise.

Privilege Escalation Microsoft
NVD VulDB GitHub
EPSS 0% CVSS 6.7
MEDIUM This Month

Incorrect default permissions for some Intel(R) Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with...

Privilege Escalation
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Incorrect default permissions for some Intel(R) Memory and Storage Tool before version 2.5.2 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special i...

Privilege Escalation
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result ...

Privilege Escalation
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Privilege escalation in Intel QuickAssist Technology (QAT) on certain Intel platforms allows a system-software adversary already holding privileged (Ring 0 / kernel-level) access to read and corrupt kernel state via an unprotected alternate hardware interface. The flaw stems from a missing protection mechanism on a secondary hardware control path, yielding high confidentiality and integrity impact but no availability loss. There is no public exploit identified at time of analysis, EPSS is negligible (0.01%), and it is not listed in CISA KEV.

Privilege Escalation Intel
NVD VulDB
EPSS 0% CVSS 3.3
LOW Monitor

Improper conditions check in some firmware for some Intel(R) NPU Drivers within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data corruption. [CVSS 3.3 LOW]

Privilege Escalation
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions for some Intel(R) Graphics Driver software within Ring 2: Privileged Process may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation Intel
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowl...

Privilege Escalation AI / ML
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Graphics Software versions up to 25.30.1702.0 contains a vulnerability that allows attackers to an escalation of privilege (CVSS 6.7).

Privilege Escalation Intel
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Incorrect default permissions for some Intel(R) Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation
NVD
EPSS 0% CVSS 3.9
LOW Monitor

Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. [CVSS 3.9 LOW]

Privilege Escalation
NVD VulDB
EPSS 0% CVSS 7.9
HIGH This Week

Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. [CVSS 7.9 HIGH]

Privilege Escalation Race Condition
NVD VulDB
EPSS 0% CVSS 8.2
HIGH This Week

Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. [CVSS 8.2 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. [CVSS 4.7 MEDIUM]

Privilege Escalation
NVD VulDB
EPSS 0% CVSS 6.7
MEDIUM This Month

Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Improper input validation for some Server Firmware Update Utility(SysFwUpdt) before version 16.0.12 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. [CVSS 7.5 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access w...

Privilege Escalation
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. [CVSS 6.7 MEDIUM]

Privilege Escalation
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Siemens SINEC NMS versions prior to V4.0 SP2 can be achieved when a low-privileged user modifies configuration files to load malicious DLLs, resulting in administrative privilege execution. This local vulnerability affects all current deployments and currently has no available patch. An authenticated attacker with local access can exploit this to gain full system compromise.

Privilege Escalation RCE Sinec Nms
NVD
EPSS 0% CVSS 7.8
HIGH This Week

AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user. [CVSS 7.8 HIGH]

Privilege Escalation Camera Station Pro
NVD
EPSS 0% CVSS 5.2
MEDIUM This Month

SAP Business Workflow contains an authorization bypass that allows authenticated administrators to escalate privileges by misusing permissions from lower-sensitivity functions to perform unauthorized high-privilege operations. An attacker with admin credentials can exploit this flaw to compromise data integrity, though confidentiality and availability impacts are limited. No patch is currently available for this vulnerability.

SAP Privilege Escalation Sap Basis
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Insufficient authorization checks in SAP Fiori App Manage Service Entry Sheets allow authenticated users to escalate privileges and modify data they should not have access to. The vulnerability affects SAP S/4HANA Core installations and requires user authentication to exploit, limiting the immediate risk but potentially enabling insider threats or account compromise scenarios.

SAP Privilege Escalation S4core
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Unauthorized option modification in WCFM - Frontend Manager for WooCommerce up to version 6.7.24 allows authenticated Shop Manager-level users to bypass capability checks and alter arbitrary WordPress settings. An attacker with these privileges can exploit this to change the default registration role to administrator and enable user registration, gaining full admin access to the site. No patch is currently available for this vulnerability.

WordPress Privilege Escalation
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Endpoint Configuration Toolset Solution is affected by improper link resolution before file access (CVSS 7.8).

Privilege Escalation Endpoint Configuration Toolset Solution Patch Endpoint Tools
NVD
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Privilege escalation in Cube.js versions 0.27.19 through 1.5.12 allows authenticated attackers to craft specially designed API requests that bypass access controls and gain elevated privileges within the application. This vulnerability affects Cube.js semantic layer deployments and requires only a valid API token to exploit, making it a risk to multi-tenant or role-based access control implementations. No patch is currently available for this HIGH severity issue.

Privilege Escalation Cube.Js
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. [CVSS 7.8 HIGH]

Privilege Escalation Patch Endpoint Tools
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. [CVSS 6.7 MEDIUM]

Privilege Escalation Server Module Server
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Craft CMS versions 4.0.0-RC1 to 4.17.0 and 5.0 to 5.9.0 contain a privilege escalation vulnerability in the GraphQL API that allows authenticated users with write access to one asset volume to modify or transfer assets across any other volume, including restricted ones they should not access. The vulnerability stems from insufficient authorization validation in the saveAsset mutation, which verifies permissions against the intended volume but fails to confirm the target asset actually belongs to that volume. An attacker with limited asset write permissions can exploit this to gain unauthorized access to and manipulate sensitive assets in protected volumes.

Privilege Escalation Craft Cms
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). [CVSS 5.4 MEDIUM]

Privilege Escalation Red Hat
NVD
EPSS 0% CVSS 7.8
HIGH This Week

GIGABYTE MacroHub improperly executes external applications with elevated privileges, enabling authenticated local users to achieve arbitrary code execution with SYSTEM-level access. This local privilege escalation affects MacroHub users on Windows systems and could allow attackers to fully compromise affected machines. No patch is currently available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jay_panel_ajax_update_profile' function. [CVSS 8.8 HIGH]

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Privilege escalation in JAY Login & Register WordPress plugin allows unauthenticated attackers to register as administrators. All versions up to 1.1.6 affected.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 6.2
MEDIUM POC This Month

SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. [CVSS 6.2 MEDIUM]

Windows Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Claude Code prior to version 2.1.2 has a CVSS 10.0 sandbox escape in the bubblewrap sandboxing mechanism, allowing code execution outside the intended sandbox boundary.

Privilege Escalation Code Injection RCE +4
NVD GitHub VulDB
EPSS 0% CVSS 6.7
MEDIUM This Month

Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent [CVSS 6.7 MEDIUM]

Privilege Escalation Management Agent
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Harmonyos versions up to 6.0.0 is affected by permissions, privileges, and access controls (CVSS 6.1).

Privilege Escalation Harmonyos
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability. [CVSS 6.2 MEDIUM]

Privilege Escalation Emui Harmonyos
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Harmonyos versions up to 5.1.0 is affected by permissions, privileges, and access controls (CVSS 5.9).

Privilege Escalation Harmonyos
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

Harmonyos versions up to 6.0.0 is affected by permissions, privileges, and access controls (CVSS 6.3).

Privilege Escalation Harmonyos
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Missing bounds check in Android VPU (Video Processing Unit) driver's vpu_mmap allows arbitrary address memory mapping, potentially leading to local privilege escalation on Android devices.

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Enforce. [CVSS 6.5 MEDIUM]

Privilege Escalation Enforce
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Benchmark. [CVSS 6.5 MEDIUM]

Privilege Escalation Benchmark
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Comply. [CVSS 6.5 MEDIUM]

Privilege Escalation Comply
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Discover. [CVSS 6.5 MEDIUM]

Privilege Escalation Discover
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Partner Integration. [CVSS 6.5 MEDIUM]

Privilege Escalation Partner Integration
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Patch. [CVSS 6.5 MEDIUM]

Privilege Escalation Patch
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Tanium addressed an incorrect default permissions vulnerability in Performance. [CVSS 6.5 MEDIUM]

Privilege Escalation Performance
NVD
EPSS 0% CVSS 2.7
LOW Monitor

Tanium addressed an improper input validation vulnerability in Tanium Appliance. [CVSS 2.7 LOW]

Privilege Escalation Tanos
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Bootloader menu access in Moxa UC series industrial computers can be obtained by attackers with physical access using a device-unique password, potentially enabling temporary denial-of-service through firmware reflashing. The vulnerability is constrained by bootloader signature verification that prevents installation of unsigned firmware or arbitrary code execution. No patch is currently available for affected Linux and UC firmware versions.

Linux Privilege Escalation V1202 Ct T Firmware +34
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Multiple stored XSS vulnerabilities in Axigen Mail Server before 10.5.57 WebAdmin interface allow authenticated administrators to inject persistent malicious scripts that execute in other admin sessions.

TLS XSS Privilege Escalation +1
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Insecure folder permissions in MEmu Play 7.1.3 Android emulator allow low-privileged users to modify application binaries, enabling privilege escalation to SYSTEM. PoC available.

Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Central Authentication System Server versions up to 2.0.3 contains a security vulnerability (CVSS 4.2).

Drupal Privilege Escalation Central Authentication System Server
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The Microsoft Entra ID SSO Login module for Drupal before version 1.0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to escalate privileges through an alternate authentication channel. An attacker can exploit this flaw to gain unauthorized access with elevated permissions on affected Drupal installations. No patch is currently available, and the vulnerability has low exploit probability (EPSS 0.1%).

Drupal Privilege Escalation Authentication Bypass +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The Drupal Role Delegation module versions 1.3.0 through 1.5.0 contains an unsafe privilege definition vulnerability that permits authenticated users with delegation permissions to escalate their privileges within the application. An attacker with limited account access could exploit this flaw to gain elevated permissions and modify system settings or access restricted functionality. No patch is currently available for this vulnerability.

Privilege Escalation Role Delegation
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Autodesk 3ds Max occurs when users open max files from maliciously crafted project directories that exploit an untrusted search path vulnerability. Local attackers can leverage this to execute arbitrary code with the privileges of the current user without requiring special permissions or interaction beyond opening a file. No patch is currently available for this high-severity vulnerability affecting 3ds Max users.

Privilege Escalation RCE 3ds Max
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

F5 BIG-IP Container Ingress Services contains an improper privilege management flaw that allows high-privileged users to read sensitive cluster secrets beyond their intended authorization scope. An authenticated attacker with elevated permissions could exploit this vulnerability to gain unauthorized access to confidential Kubernetes cluster data. No patch is currently available for this medium-severity issue.

Privilege Escalation Big Ip Container Ingress Services
NVD
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Qwik JavaScript framework prior to 1.19.0 has a prototype pollution vulnerability that can lead to server-side code execution in SSR applications.

Denial Of Service Privilege Escalation Authentication Bypass +1
NVD GitHub
EPSS 0%
Monitor

An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code.

Privilege Escalation RCE
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Local code injection in NVIDIA Megatron-LM allows authenticated users to achieve arbitrary code execution and privilege escalation through malicious input to vulnerable scripts. An attacker with local access can craft specially designed data to trigger unsafe code evaluation, enabling complete system compromise including data theft and modification. No patch is currently available for this vulnerability affecting all supported platforms.

Privilege Escalation Code Injection Information Disclosure +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. [CVSS 6.5 MEDIUM]

Python Privilege Escalation Deserialization +2
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. [CVSS 7.8 HIGH]

Privilege Escalation Total Security
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

Endpoint Privilege Manager versions up to 25.10.0 is affected by improper privilege management (CVSS 7.8).

Privilege Escalation Endpoint Privilege Manager
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A flaw was found in Moodle. An authorization logic flaw, specifically due to incomplete role checks during the badge awarding process, allowed badges to be granted without proper verification. [CVSS 5.4 MEDIUM]

Moodle Privilege Escalation
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Arbitrary code execution in Roland Cloud Manager installer versions 3.1.19 and earlier results from insecure DLL loading, enabling local attackers to execute malicious code with application-level privileges. An attacker with local access and user interaction can exploit this vulnerability to compromise systems running the affected installer. No patch is currently available to remediate this vulnerability.

Privilege Escalation RCE
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Fabric Operating System versions up to 9.2.1 is affected by execution with unnecessary privileges (CVSS 5.5).

Privilege Escalation Fabric Operating System
NVD
EPSS 0% CVSS 7.3
HIGH This Week

BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2.

Race Condition Privilege Escalation Buhocleaner
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Native Access on macOS allows local authenticated attackers to inject malicious libraries into the privileged XPC helper process due to overly permissive code signing entitlements, enabling arbitrary code execution with system-level privileges. The vulnerability stems from the application being signed with dyld environment variable and library validation bypass entitlements while communicating with a trusted helper that validates only the signing certificate. Public exploit code exists, and no patch is currently available.

Privilege Escalation Apple
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote privilege escalation in Android Thread networking protocol implementation via out-of-bounds write. No additional execution privileges needed.

Privilege Escalation Matter
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Local privilege escalation in Android's PCIe driver stems from an out-of-bounds write vulnerability caused by insufficient bounds validation, allowing attackers with system-level privileges to escalate their access without user interaction. This medium-severity vulnerability (CVSS 5.3) affects Android devices and currently has no available patch. The CWE-787 vulnerability requires an attacker to already possess system privileges, limiting the immediate exploitation scope.

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Android's imgsys component contains a use-after-free vulnerability that allows privilege escalation when exploited by an attacker who already has system-level access. The flaw requires no user interaction and could enable a malicious actor to escalate their privileges further within the device. Currently, no patch is available to address this vulnerability.

Use After Free Privilege Escalation Android +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Android versions up to 15.0 contains a vulnerability that allows attackers to local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.7).

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Android cameraisp component contains an out-of-bounds write vulnerability due to insufficient bounds validation, enabling privilege escalation for attackers who have already gained system-level access. No user interaction is required for exploitation, and the vulnerability affects confidentiality, integrity, and availability of the device. No patch is currently available.

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A use-after-free vulnerability in Android's cameraisp component allows privilege escalation to local denial of service for attackers with system-level access, requiring no user interaction. The flaw enables malicious actors to manipulate memory safety boundaries and execute arbitrary actions within the camera service context. No patch is currently available for this vulnerability.

Use After Free Denial Of Service Privilege Escalation +2
NVD
Prev Page 16 of 148 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy