Skip to main content

Privilege Escalation

13302 CVEs technique

Monthly

CVE-2026-20410 MEDIUM This Month

Local privilege escalation in Android's imgsys component allows system-level processes to achieve full system compromise through an out-of-bounds write caused by insufficient bounds validation. An attacker with existing system privileges can exploit this flaw without user interaction to gain complete control over the affected device. No patch is currently available for this vulnerability.

Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-20409 HIGH This Week

An out-of-bounds write vulnerability in Android's imgsys component allows a local attacker with system-level privileges to escalate permissions and gain complete control over the device due to insufficient bounds checking. The vulnerability requires no user interaction and cannot be patched in current versions. This affects Android devices where an attacker has already obtained elevated system access.

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20408 HIGH This Week

OpenWRT and related SDKs are vulnerable to a heap buffer overflow in the WLAN component that allows adjacent network attackers to execute privilege escalation without user interaction or special permissions. The out-of-bounds write condition enables attackers on the same network segment to gain elevated system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Privilege Escalation Openwrt Software Development Kit
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20407 CRITICAL Act Now

Out-of-bounds write in Android WLAN STA driver due to missing bounds check allows local privilege escalation to System with user interaction.

Privilege Escalation Nbiot Sdk
NVD
CVSS 3.1
9.3
EPSS
0.0%
CVE-2026-25201 HIGH This Week

Remote code execution in MagicInfo 9 Server (versions prior to 21.1090.1) allows unauthenticated attackers to upload arbitrary files without authentication, resulting in complete system compromise with high confidentiality, integrity, and availability impact. The vulnerability enables privilege escalation and requires only user interaction to trigger. No patch is currently available for this critical flaw affecting all vulnerable MagicInfo 9 Server installations.

Privilege Escalation Magicinfo 9 Server
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25129 PHP MEDIUM POC PATCH This Month

PsySH versions prior to 0.11.23 and 0.12.19 automatically execute a `.psysh.php` file from the current working directory during startup, allowing local attackers with write access to a directory to achieve arbitrary code execution when a user launches PsySH from that location. When a privileged user such as root or a CI runner executes PsySH in an attacker-controlled directory, this results in local privilege escalation. Public exploit code exists for this vulnerability and no patch is currently available.

PHP Laravel Privilege Escalation Psysh
NVD GitHub
CVSS 3.1
6.7
EPSS
0.0%
CVE-2020-37060 HIGH POC This Week

its service configuration contains a vulnerability that allows attackers to execute arbitrary code with SYSTEM privileges (CVSS 7.8).

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-13176 This Week

Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL.

Privilege Escalation
NVD
EPSS
0.0%
CVE-2026-25040 HIGH POC This Week

Budibase is a low code platform for creating internal tools, workflows, and admin panels. [CVSS 8.8 HIGH]

Privilege Escalation Budibase
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-69929 CRITICAL POC Act Now

Client-side password hashing in N3uron Web UI v1.21.7 allows privilege escalation. Weak hashing enables attackers to forge authentication credentials. PoC available.

Privilege Escalation Web User Interface
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69604 HIGH This Week

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls. [CVSS 7.8 HIGH]

Privilege Escalation Apple Superduper
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23896 HIGH POC This Week

Immich versions prior to 2.5.0 contain an improper access control flaw that allows any authenticated API key to escalate its privileges to full administrator level by manipulating the update endpoint. Public exploit code exists for this vulnerability, enabling attackers with basic API access to completely compromise the system. The flaw affects all unpatched Immich installations and requires upgrading to version 2.5.0 or later to remediate.

Privilege Escalation Immich
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2025-13905 This Week

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart.

Privilege Escalation
NVD
EPSS
0.0%
CVE-2020-37021 HIGH POC This Week

10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup. [CVSS 7.8 HIGH]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-24768 npm MEDIUM POC PATCH This Month

NocoDB versions prior to 0.301.0 contain an open redirect vulnerability in the login flow where the `continueAfterSignIn` parameter is not validated, allowing attackers to redirect authenticated users to arbitrary external websites. Public exploit code exists for this vulnerability, which enables phishing attacks by abusing user trust in the legitimate login process to facilitate credential theft through social engineering. Authenticated users are at risk of being redirected to attacker-controlled domains immediately after successful login.

Privilege Escalation Authentication Bypass Open Redirect Nocodb
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-69289 MEDIUM This Month

Discourse is an open source discussion platform. A privilege escalation vulnerability in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 allows a non-admin moderator to bypass email-change restrictions, allowing a takeover of non-staff accounts. [CVSS 5.4 MEDIUM]

Privilege Escalation Discourse
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2025-33220 HIGH This Week

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. [CVSS 7.8 HIGH]

Denial Of Service Privilege Escalation Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33219 HIGH PATCH This Week

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. [CVSS 7.8 HIGH]

Linux Integer Overflow Denial Of Service Privilege Escalation Information Disclosure +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33218 HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. [CVSS 7.8 HIGH]

Linux Windows Integer Overflow Denial Of Service Privilege Escalation +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33217 HIGH This Week

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. [CVSS 7.8 HIGH]

Windows Use After Free Denial Of Service Privilege Escalation Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36969 HIGH POC This Week

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. [CVSS 8.8 HIGH]

Privilege Escalation M Monit
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-13918 MEDIUM This Month

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. [CVSS 6.7 MEDIUM]

Broadcom Privilege Escalation
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-13917 HIGH This Week

WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. [CVSS 7.0 HIGH]

Privilege Escalation
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-0844 HIGH This Week

Simple User Registration (WordPress plugin) versions up to 6.7 is affected by improper access control (CVSS 8.8).

WordPress Privilege Escalation Authentication Bypass
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-14988 Monitor

A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system.

Privilege Escalation
NVD
EPSS
0.1%
CVE-2020-36980 HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

Windows Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2020-36977 HIGH POC This Week

ElevationService executable contains a vulnerability that allows attackers to potentially inject malicious code (CVSS 7.8).

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33234 HIGH This Week

NVIDIA runx contains a vulnerability where an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Denial Of Service Privilege Escalation Code Injection Information Disclosure AI / ML
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0705 MEDIUM This Month

Acronis Cloud Manager for Windows before build 6.4.25342.354 is vulnerable to local privilege escalation through improperly configured folder permissions, allowing authenticated users with low privileges to escalate to higher privileges. An attacker with local access and user interaction can exploit this vulnerability to gain full system control. No patch is currently available for this vulnerability.

Windows Privilege Escalation
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2020-36938 HIGH POC This Week

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory. [CVSS 8.8 HIGH]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-21721 HIGH PATCH This Week

Dashboard permission API fails to validate scope boundaries, allowing authenticated users with permission management rights on any single dashboard to read and modify permissions across all organization dashboards. This privilege escalation affects multi-user dashboard environments where permission isolation is expected. No patch is currently available.

Privilege Escalation Authentication Bypass Grafana
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-23683 MEDIUM This Month

Insufficient authorization checks in SAP Fiori App Intercompany Balance Reconciliation allow authenticated users to access data beyond their intended permissions, resulting in privilege escalation with limited confidentiality impact. An attacker with valid credentials can exploit this flaw to view sensitive financial reconciliation information they should not have access to. No patch is currently available.

SAP Privilege Escalation
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-9820 MEDIUM PATCH CISA This Month

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. [CVSS 4.0 MEDIUM]

Denial Of Service Privilege Escalation RCE Stack Overflow Buffer Overflow
NVD VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-70982 CRITICAL POC Act Now

Access control bypass in SpringBlade v4.5.0 importUser function allows low-privileged users to import sensitive user data and escalate privileges. PoC available.

Spring Java Privilege Escalation Information Disclosure Authentication Bypass +1
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2025-59094 This Week

A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe).

Privilege Escalation
NVD
EPSS
0.0%
CVE-2025-70983 CRITICAL Act Now

SpringBlade v4.5.0 has an access control flaw in authRoutes allowing low-privileged users to escalate to admin through the authentication routing mechanism.

Spring Java Privilege Escalation Authentication Bypass Springblade
NVD GitHub
CVSS 3.1
9.9
EPSS
0.0%
CVE-2025-67230 HIGH This Week

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation. [CVSS 7.1 HIGH]

Privilege Escalation Builder
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-14866 HIGH This Week

Melapress Role Editor (WordPress plugin) versions up to 1.1.1. is affected by incorrect authorization (CVSS 8.8).

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-0776 HIGH This Week

Discord Client's discord_rpc module improperly loads files from an unsecured search path, enabling local attackers with low-privilege code execution to escalate privileges and run arbitrary code with elevated user context. This vulnerability requires prior local code execution capability and affects systems running vulnerable Discord Client installations. No patch is currently available.

Privilege Escalation
NVD
CVSS 3.0
7.3
EPSS
0.0%
CVE-2026-0775 HIGH PATCH This Week

npm cli contains an insecure module loading mechanism that enables local privilege escalation on Node.js installations. An attacker with low-privileged code execution can exploit this flaw to gain elevated privileges and execute arbitrary code with target user permissions. No patch is currently available for this vulnerability.

Node.js Privilege Escalation RCE
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-0758 HIGH This Week

mcp-server-siri-shortcuts fails to validate the shortcutName parameter before using it in system calls, enabling local attackers with low-privileged code execution to inject arbitrary commands and escalate to service account privileges. This command injection vulnerability (CVE-2026-0758, CVSS 7.8) affects the AI/ML tool and currently lacks a patch. An attacker exploiting this flaw can execute arbitrary code with elevated privileges on the affected system.

Privilege Escalation Command Injection AI / ML
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-54816 CRITICAL Act Now

A WebSocket endpoint lacks proper authentication, allowing unauthenticated users to connect and interact with real-time data streams and server-side functionality.

Privilege Escalation Evmapa
NVD GitHub
CVSS 3.1
9.4
EPSS
0.1%
CVE-2025-14751 Monitor

A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation.

Privilege Escalation
NVD
EPSS
0.0%
CVE-2025-66428 HIGH This Week

An issue with WordPress directory names in WebPros WordPress Toolkit versions up to 6.9.1 is affected by path traversal (CVSS 8.8).

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23763 Monitor

VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a local privilege escalation vulnerability in the VBMatrix VAIO virtual audio driver (vbmatrixvaio64*_win10.sys).

Linux Privilege Escalation
NVD GitHub
EPSS
0.0%
CVE-2025-69293 HIGH This Week

Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-69292 HIGH This Week

Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4. [CVSS 8.8 HIGH]

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-69183 HIGH This Week

e-plugins Hospital Doctor Directory hospital-doctor-directory contains a security vulnerability (CVSS 8.8).

Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-69182 HIGH This Week

e-plugins Institutions Directory institutions-directory contains a security vulnerability (CVSS 8.8).

Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-68869 CRITICAL Act Now

LazyTasks project management WordPress plugin has an incorrect privilege assignment vulnerability allowing low-privileged users to escalate to administrator, gaining full site control.

Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-68027 HIGH This Week

Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation.This issue affects Hydra Booking: from n/a through <= 1.1.32. [CVSS 7.3 HIGH]

Privilege Escalation
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2025-67966 HIGH This Week

Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation.This issue affects Lawyer Directory: from n/a through <= 1.3.3. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-67953 HIGH This Week

Booking Activities Team Booking Activities booking-activities contains a security vulnerability (CVSS 8.1).

Privilege Escalation
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2025-50007 HIGH This Week

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through <= 1.2.9.4. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-24049 PyPI MEDIUM POC PATCH This Month

Malicious wheel files can modify file permissions on critical system files during extraction in Python wheel versions 0.40.0-0.46.1, enabling attackers to alter SSH keys, configuration files, or executable scripts. This path traversal and permission manipulation flaw affects systems unpacking untrusted wheels and can lead to privilege escalation or arbitrary code execution. Public exploit code exists for this vulnerability, though a patch is available in version 0.46.2.

Python Privilege Escalation Wheel RCE Path Traversal
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23893 MEDIUM PATCH This Month

Privilege escalation in openCryptoki 2.3.2+ allows token-group members to exploit insecure symlink handling in group-writable token directories, enabling file operations on arbitrary filesystem targets when the library runs with elevated privileges. An attacker with token-group membership can plant symlinks to redirect administrative operations, potentially leading to privilege escalation or unauthorized data access. A patch is available.

Linux Privilege Escalation Opencryptoki Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-23990 Go MEDIUM PATCH This Month

Flux Operator versions 0.36.0 through 0.39.x contain an authentication bypass in the Web UI that allows authenticated users to escalate privileges and execute API requests with the operator's service account permissions. The vulnerability affects deployments where OIDC providers issue incomplete token claims or custom CEL expressions evaluate to empty values, bypassing Kubernetes RBAC impersonation controls. Cluster administrators running affected Flux Operator versions should upgrade to 0.40.0 or later.

Golang Kubernetes Privilege Escalation Information Disclosure Flux Operator +1
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2021-47852 HIGH POC This Week

Rockstar Games Launcher 1.0.37.349 contains a privilege escalation vulnerability that allows authenticated users to modify the service executable with weak permissions. [CVSS 8.8 HIGH]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-14083 Maven LOW Monitor

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control. [CVSS 2.7 LOW]

Privilege Escalation Authentication Bypass
NVD
CVSS 3.1
2.7
EPSS
0.0%
CVE-2025-15521 CRITICAL Act Now

Academy LMS WordPress plugin has a privilege escalation vulnerability allowing unauthenticated users to bypass access controls and gain elevated privileges on WordPress sites.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-21636 CRITICAL PATCH Act Now

Node.js has a CVSS 10.0 permission model bypass that allows Unix Domain Socket connections to completely bypass network restrictions when --allow-net is configured.

Node.js Privilege Escalation Node.Js Red Hat Suse
NVD
CVSS 3.1
10.0
EPSS
0.0%
CVE-2025-33233 HIGH This Week

NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure AI / ML
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-33231 MEDIUM PATCH This Month

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. [CVSS 6.7 MEDIUM]

Windows Denial Of Service Privilege Escalation Information Disclosure Cuda Toolkit
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-33230 HIGH PATCH This Week

NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. [CVSS 7.3 HIGH]

Linux Denial Of Service Privilege Escalation Command Injection Information Disclosure +2
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-33229 HIGH PATCH This Week

NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker can execute arbitrary code with the same privileges as the NVIDIA Nsight Visual Studio Edition Monitor application. [CVSS 7.3 HIGH]

Windows Denial Of Service Privilege Escalation Information Disclosure Cuda Toolkit +1
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-33228 HIGH PATCH This Week

NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the process_nsys_rep_cli.py script if the script is invoked manually. [CVSS 7.3 HIGH]

Denial Of Service Privilege Escalation Command Injection Information Disclosure Cuda Toolkit +1
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-36418 HIGH This Week

Applinx versions up to 11.1.0 is affected by improper verification of cryptographic signature (CVSS 7.3).

IBM Privilege Escalation Applinx
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-15347 HIGH This Week

The Creator LMS - The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the get_items_permissions_check function in all versions up to, and including, 1.1.12. [CVSS 8.8 HIGH]

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-14533 CRITICAL Act Now

Advanced Custom Fields: Extended plugin for WordPress has a privilege escalation vulnerability allowing unauthenticated users to gain admin access in all versions up to the latest.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-15403 CRITICAL Act Now

The RegistrationMagic WordPress plugin up to version 6.0 allows unauthenticated privilege escalation, enabling attackers to create admin accounts and take over WordPress sites.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-23800 CRITICAL Act Now

Modular DS modular-connector has a CVSS 10.0 privilege escalation vulnerability through incorrect privilege assignment, allowing unauthenticated attackers to gain full administrative access to WordPress sites.

Privilege Escalation
NVD
CVSS 3.1
10.0
EPSS
0.0%
CVE-2025-48647 HIGH This Week

In cpm_fwtp_msg_handler of cpm/google/lib/tracepoint/cpm_fwtp_ipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]

Privilege Escalation Android Google
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-65118 HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compromise of the Model Application Server. [CVSS 8.8 HIGH]

Privilege Escalation RCE Process Optimization
NVD GitHub
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-65117 HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements. [CVSS 7.4 HIGH]

Privilege Escalation Process Optimization
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2021-47779 MEDIUM POC This Month

Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts. [CVSS 5.4 MEDIUM]

XSS Privilege Escalation Dolibarr Erp Crm
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2021-47756 HIGH POC This Week

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication. [CVSS 8.4 HIGH]

Laravel Privilege Escalation
NVD Exploit-DB
CVSS 3.1
8.4
EPSS
0.0%
CVE-2026-1010 HIGH This Week

Stored XSS in Altium Workflow Engine allows authenticated users to inject malicious scripts into workflow forms that execute with administrator privileges when viewed. An attacker can exploit this to escalate privileges, create new admin accounts, steal session tokens, and perform arbitrary administrative actions. No patch is currently available for the on-premises enterprise server deployment.

XSS Privilege Escalation On Prem Enterprise Server
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-67246 HIGH POC This Week

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses. [CVSS 7.3 HIGH]

Privilege Escalation Information Disclosure Ludashi Driver
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-61973 HIGH This Week

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2021-47799 MEDIUM POC This Month

its Sudo configuration contains a vulnerability that allows attackers to gain root access (CVSS 6.2).

DNS Privilege Escalation
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2021-47767 HIGH POC This Week

10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. [CVSS 7.8 HIGH]

Privilege Escalation Network Inventory Explorer
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2021-47761 HIGH POC This Week

MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory. Attackers can replace the mysqld.exe with a malicious executable, which will execute with system privileges when the computer restarts. [CVSS 7.8 HIGH]

MySQL MariaDB Privilege Escalation
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23477 HIGH POC This Week

Rocket.Chat versions prior to 6.12.0 expose the OAuth applications API endpoint to any authenticated user, allowing disclosure of sensitive credentials including client IDs and secrets regardless of user role or permissions. An attacker with valid credentials can enumerate OAuth applications and extract their secrets by knowing application IDs, potentially compromising integrated third-party applications. Public exploit code exists for this vulnerability and no patch is currently available.

Privilege Escalation Rocket.Chat
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-33206 HIGH PATCH This Week

NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and denial of service. [CVSS 7.8 HIGH]

Linux Industrial Denial Of Service Privilege Escalation Command Injection +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22238 CRITICAL Act Now

BLUVOYIX admin APIs allow unauthenticated creation of admin users, enabling complete platform takeover.

Privilege Escalation Authentication Bypass Bluvoyix
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-66005 This Week

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

Privilege Escalation
NVD
EPSS
0.0%
CVE-2026-23550 CRITICAL POC Act Now

Modular DS WordPress plugin (through 2.5.1) has incorrect privilege assignment allowing unauthenticated privilege escalation. Maximum CVSS 10.0 with scope change, EPSS 6.8%.

Privilege Escalation
NVD
CVSS 3.1
9.8
EPSS
6.8%
CVE-2025-68967 MEDIUM This Month

Harmonyos versions up to 6.0.0 is affected by permissions, privileges, and access controls (CVSS 5.7).

Privilege Escalation Harmonyos
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2022-50931 HIGH POC This Week

Teamspeak versions up to 3.5.6 is affected by incorrect permission assignment for critical resource (CVSS 7.8).

Privilege Escalation Teamspeak
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2022-50927 MEDIUM POC This Month

Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. [CVSS 6.2 MEDIUM]

Privilege Escalation
NVD Exploit-DB
CVSS 3.1
6.2
EPSS
0.0%
EPSS 0% CVSS 6.7
MEDIUM This Month

Local privilege escalation in Android's imgsys component allows system-level processes to achieve full system compromise through an out-of-bounds write caused by insufficient bounds validation. An attacker with existing system privileges can exploit this flaw without user interaction to gain complete control over the affected device. No patch is currently available for this vulnerability.

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An out-of-bounds write vulnerability in Android's imgsys component allows a local attacker with system-level privileges to escalate permissions and gain complete control over the device due to insufficient bounds checking. The vulnerability requires no user interaction and cannot be patched in current versions. This affects Android devices where an attacker has already obtained elevated system access.

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 8.8
HIGH This Week

OpenWRT and related SDKs are vulnerable to a heap buffer overflow in the WLAN component that allows adjacent network attackers to execute privilege escalation without user interaction or special permissions. The out-of-bounds write condition enables attackers on the same network segment to gain elevated system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Privilege Escalation Openwrt +1
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Out-of-bounds write in Android WLAN STA driver due to missing bounds check allows local privilege escalation to System with user interaction.

Privilege Escalation Nbiot Sdk
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Remote code execution in MagicInfo 9 Server (versions prior to 21.1090.1) allows unauthenticated attackers to upload arbitrary files without authentication, resulting in complete system compromise with high confidentiality, integrity, and availability impact. The vulnerability enables privilege escalation and requires only user interaction to trigger. No patch is currently available for this critical flaw affecting all vulnerable MagicInfo 9 Server installations.

Privilege Escalation Magicinfo 9 Server
NVD
EPSS 0% CVSS 6.7
MEDIUM POC PATCH This Month

PsySH versions prior to 0.11.23 and 0.12.19 automatically execute a `.psysh.php` file from the current working directory during startup, allowing local attackers with write access to a directory to achieve arbitrary code execution when a user launches PsySH from that location. When a privileged user such as root or a CI runner executes PsySH in an attacker-controlled directory, this results in local privilege escalation. Public exploit code exists for this vulnerability and no patch is currently available.

PHP Laravel Privilege Escalation +1
NVD GitHub
EPSS 0% CVSS 7.8
HIGH POC This Week

its service configuration contains a vulnerability that allows attackers to execute arbitrary code with SYSTEM privileges (CVSS 7.8).

Privilege Escalation
NVD Exploit-DB
EPSS 0%
This Week

Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Budibase is a low code platform for creating internal tools, workflows, and admin panels. [CVSS 8.8 HIGH]

Privilege Escalation Budibase
NVD GitHub
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Client-side password hashing in N3uron Web UI v1.21.7 allows privilege escalation. Weak hashing enables attackers to forge authentication credentials. PoC available.

Privilege Escalation Web User Interface
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

An issue in Shirt Pocket's SuperDuper! 3.11 and earlier allow a local attacker to modify the default task template to install an arbitrary package that can run shell scripts with root privileges and Full Disk Access, thus bypassing macOS privacy controls. [CVSS 7.8 HIGH]

Privilege Escalation Apple Superduper
NVD
EPSS 0% CVSS 7.2
HIGH POC This Week

Immich versions prior to 2.5.0 contain an improper access control flaw that allows any authenticated API key to escalate its privileges to full administrator level by manipulating the update endpoint. Public exploit code exists for this vulnerability, enabling attackers with basic API access to completely compromise the system. The flaw affects all unpatched Immich installations and requires upgrading to version 2.5.0 or later to remediate.

Privilege Escalation Immich
NVD GitHub
EPSS 0%
This Week

CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart.

Privilege Escalation
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup. [CVSS 7.8 HIGH]

Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

NocoDB versions prior to 0.301.0 contain an open redirect vulnerability in the login flow where the `continueAfterSignIn` parameter is not validated, allowing attackers to redirect authenticated users to arbitrary external websites. Public exploit code exists for this vulnerability, which enables phishing attacks by abusing user trust in the legitimate login process to facilitate credential theft through social engineering. Authenticated users are at risk of being redirected to attacker-controlled domains immediately after successful login.

Privilege Escalation Authentication Bypass Open Redirect +1
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Discourse is an open source discussion platform. A privilege escalation vulnerability in versions prior to 3.5.4, 2025.11.2, 2025.12.1, and 2026.1.0 allows a non-admin moderator to bypass email-change restrictions, allowing a takeover of non-staff accounts. [CVSS 5.4 MEDIUM]

Privilege Escalation Discourse
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. [CVSS 7.8 HIGH]

Denial Of Service Privilege Escalation Information Disclosure
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. [CVSS 7.8 HIGH]

Linux Integer Overflow Denial Of Service +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where an attacker could cause an integer overflow. [CVSS 7.8 HIGH]

Linux Windows Integer Overflow +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could trigger a use after free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. [CVSS 7.8 HIGH]

Windows Use After Free Denial Of Service +2
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. [CVSS 8.8 HIGH]

Privilege Escalation M Monit
NVD Exploit-DB
EPSS 0% CVSS 6.7
MEDIUM This Month

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. [CVSS 6.7 MEDIUM]

Broadcom Privilege Escalation
NVD
EPSS 0% CVSS 7.0
HIGH This Week

WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. [CVSS 7.0 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Simple User Registration (WordPress plugin) versions up to 6.7 is affected by improper access control (CVSS 8.8).

WordPress Privilege Escalation Authentication Bypass
NVD
EPSS 0%
Monitor

A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the system.

Privilege Escalation
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

its Windows service configuration contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).

Windows Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

ElevationService executable contains a vulnerability that allows attackers to potentially inject malicious code (CVSS 7.8).

Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA runx contains a vulnerability where an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Denial Of Service Privilege Escalation Code Injection +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Acronis Cloud Manager for Windows before build 6.4.25342.354 is vulnerable to local privilege escalation through improperly configured folder permissions, allowing authenticated users with low privileges to escalate to higher privileges. An attacker with local access and user interaction can exploit this vulnerability to gain full system control. No patch is currently available for this vulnerability.

Windows Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory. [CVSS 8.8 HIGH]

Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Dashboard permission API fails to validate scope boundaries, allowing authenticated users with permission management rights on any single dashboard to read and modify permissions across all organization dashboards. This privilege escalation affects multi-user dashboard environments where permission isolation is expected. No patch is currently available.

Privilege Escalation Authentication Bypass Grafana
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Insufficient authorization checks in SAP Fiori App Intercompany Balance Reconciliation allow authenticated users to access data beyond their intended permissions, resulting in privilege escalation with limited confidentiality impact. An attacker with valid credentials can exploit this flaw to view sensitive financial reconciliation information they should not have access to. No patch is currently available.

SAP Privilege Escalation
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. [CVSS 4.0 MEDIUM]

Denial Of Service Privilege Escalation RCE +2
NVD VulDB
EPSS 0% CVSS 9.9
CRITICAL POC Act Now

Access control bypass in SpringBlade v4.5.0 importUser function allows low-privileged users to import sensitive user data and escalate privileges. PoC available.

Spring Java Privilege Escalation +3
NVD GitHub
EPSS 0%
This Week

A local privilege escalation vulnerability has been identified in the Kaba exos 9300 System management application (d9sysdef.exe).

Privilege Escalation
NVD
EPSS 0% CVSS 9.9
CRITICAL Act Now

SpringBlade v4.5.0 has an access control flaw in authRoutes allowing low-privileged users to escalate to admin through the authentication routing mechanism.

Spring Java Privilege Escalation +2
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation. [CVSS 7.1 HIGH]

Privilege Escalation Builder
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Melapress Role Editor (WordPress plugin) versions up to 1.1.1. is affected by incorrect authorization (CVSS 8.8).

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Discord Client's discord_rpc module improperly loads files from an unsecured search path, enabling local attackers with low-privilege code execution to escalate privileges and run arbitrary code with elevated user context. This vulnerability requires prior local code execution capability and affects systems running vulnerable Discord Client installations. No patch is currently available.

Privilege Escalation
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

npm cli contains an insecure module loading mechanism that enables local privilege escalation on Node.js installations. An attacker with low-privileged code execution can exploit this flaw to gain elevated privileges and execute arbitrary code with target user permissions. No patch is currently available for this vulnerability.

Node.js Privilege Escalation RCE
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

mcp-server-siri-shortcuts fails to validate the shortcutName parameter before using it in system calls, enabling local attackers with low-privileged code execution to inject arbitrary commands and escalate to service account privileges. This command injection vulnerability (CVE-2026-0758, CVSS 7.8) affects the AI/ML tool and currently lacks a patch. An attacker exploiting this flaw can execute arbitrary code with elevated privileges on the affected system.

Privilege Escalation Command Injection AI / ML
NVD
EPSS 0% CVSS 9.4
CRITICAL Act Now

A WebSocket endpoint lacks proper authentication, allowing unauthenticated users to connect and interact with real-time data streams and server-side functionality.

Privilege Escalation Evmapa
NVD GitHub
EPSS 0%
Monitor

A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An issue with WordPress directory names in WebPros WordPress Toolkit versions up to 6.9.1 is affected by path traversal (CVSS 8.8).

WordPress Privilege Escalation PHP
NVD
EPSS 0%
Monitor

VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a local privilege escalation vulnerability in the VBMatrix VAIO virtual audio driver (vbmatrixvaio64*_win10.sys).

Linux Privilege Escalation
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in e-plugins Final User final-user allows Privilege Escalation.This issue affects Final User: from n/a through <= 1.2.5. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4. [CVSS 8.8 HIGH]

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 8.8
HIGH This Week

e-plugins Hospital Doctor Directory hospital-doctor-directory contains a security vulnerability (CVSS 8.8).

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

e-plugins Institutions Directory institutions-directory contains a security vulnerability (CVSS 8.8).

Privilege Escalation
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

LazyTasks project management WordPress plugin has an incorrect privilege assignment vulnerability allowing low-privileged users to escalate to administrator, gaining full site control.

Privilege Escalation
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Incorrect Privilege Assignment vulnerability in Themefic Hydra Booking hydra-booking allows Privilege Escalation.This issue affects Hydra Booking: from n/a through <= 1.1.32. [CVSS 7.3 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in e-plugins Lawyer Directory lawyer-directory allows Privilege Escalation.This issue affects Lawyer Directory: from n/a through <= 1.3.3. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Booking Activities Team Booking Activities booking-activities contains a security vulnerability (CVSS 8.1).

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in Jthemes xSmart xsmart allows Privilege Escalation.This issue affects xSmart: from n/a through <= 1.2.9.4. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Malicious wheel files can modify file permissions on critical system files during extraction in Python wheel versions 0.40.0-0.46.1, enabling attackers to alter SSH keys, configuration files, or executable scripts. This path traversal and permission manipulation flaw affects systems unpacking untrusted wheels and can lead to privilege escalation or arbitrary code execution. Public exploit code exists for this vulnerability, though a patch is available in version 0.46.2.

Python Privilege Escalation Wheel +2
NVD GitHub VulDB
EPSS 0% CVSS 6.8
MEDIUM PATCH This Month

Privilege escalation in openCryptoki 2.3.2+ allows token-group members to exploit insecure symlink handling in group-writable token directories, enabling file operations on arbitrary filesystem targets when the library runs with elevated privileges. An attacker with token-group membership can plant symlinks to redirect administrative operations, potentially leading to privilege escalation or unauthorized data access. A patch is available.

Linux Privilege Escalation Opencryptoki +2
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Flux Operator versions 0.36.0 through 0.39.x contain an authentication bypass in the Web UI that allows authenticated users to escalate privileges and execute API requests with the operator's service account permissions. The vulnerability affects deployments where OIDC providers issue incomplete token claims or custom CEL expressions evaluate to empty values, bypassing Kubernetes RBAC impersonation controls. Cluster administrators running affected Flux Operator versions should upgrade to 0.40.0 or later.

Golang Kubernetes Privilege Escalation +3
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Rockstar Games Launcher 1.0.37.349 contains a privilege escalation vulnerability that allows authenticated users to modify the service executable with weak permissions. [CVSS 8.8 HIGH]

Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 2.7
LOW Monitor

A flaw was found in the Keycloak Admin REST API. This vulnerability allows the exposure of backend schema and rules, potentially leading to targeted attacks or privilege escalation via improper access control. [CVSS 2.7 LOW]

Privilege Escalation Authentication Bypass
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Academy LMS WordPress plugin has a privilege escalation vulnerability allowing unauthenticated users to bypass access controls and gain elevated privileges on WordPress sites.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Node.js has a CVSS 10.0 permission model bypass that allows Unix Domain Socket connections to completely bypass network restrictions when --allow-net is configured.

Node.js Privilege Escalation Node.Js +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. [CVSS 7.8 HIGH]

Privilege Escalation Code Injection Information Disclosure +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. [CVSS 6.7 MEDIUM]

Windows Denial Of Service Privilege Escalation +2
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. [CVSS 7.3 HIGH]

Linux Denial Of Service Privilege Escalation +4
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker can execute arbitrary code with the same privileges as the NVIDIA Nsight Visual Studio Edition Monitor application. [CVSS 7.3 HIGH]

Windows Denial Of Service Privilege Escalation +3
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the process_nsys_rep_cli.py script if the script is invoked manually. [CVSS 7.3 HIGH]

Denial Of Service Privilege Escalation Command Injection +3
NVD
EPSS 0% CVSS 7.3
HIGH This Week

Applinx versions up to 11.1.0 is affected by improper verification of cryptographic signature (CVSS 7.3).

IBM Privilege Escalation Applinx
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The Creator LMS - The LMS for Creators, Coaches, and Trainers plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check in the get_items_permissions_check function in all versions up to, and including, 1.1.12. [CVSS 8.8 HIGH]

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Advanced Custom Fields: Extended plugin for WordPress has a privilege escalation vulnerability allowing unauthenticated users to gain admin access in all versions up to the latest.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The RegistrationMagic WordPress plugin up to version 6.0 allows unauthenticated privilege escalation, enabling attackers to create admin accounts and take over WordPress sites.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 10.0
CRITICAL Act Now

Modular DS modular-connector has a CVSS 10.0 privilege escalation vulnerability through incorrect privilege assignment, allowing unauthenticated attackers to gain full administrative access to WordPress sites.

Privilege Escalation
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In cpm_fwtp_msg_handler of cpm/google/lib/tracepoint/cpm_fwtp_ipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]

Privilege Escalation Android Google
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (OS Standard User) to trick Process Optimization services into loading arbitrary code and escalate privileges to OS System, potentially resulting in complete compromise of the Model Application Server. [CVSS 8.8 HIGH]

Privilege Escalation RCE Process Optimization
NVD GitHub
EPSS 0% CVSS 7.4
HIGH This Week

The vulnerability, if exploited, could allow an authenticated miscreant (Process Optimization Designer User) to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements. [CVSS 7.4 HIGH]

Privilege Escalation Process Optimization
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts. [CVSS 5.4 MEDIUM]

XSS Privilege Escalation Dolibarr Erp Crm
NVD GitHub Exploit-DB
EPSS 0% CVSS 8.4
HIGH POC This Week

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication. [CVSS 8.4 HIGH]

Laravel Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 8.0
HIGH This Week

Stored XSS in Altium Workflow Engine allows authenticated users to inject malicious scripts into workflow forms that execute with administrator privileges when viewed. An attacker can exploit this to escalate privileges, create new admin accounts, steal session tokens, and perform arbitrary administrative actions. No patch is currently available for the on-premises enterprise server deployment.

XSS Privilege Escalation On Prem Enterprise Server
NVD
EPSS 0% CVSS 7.3
HIGH POC This Week

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses. [CVSS 7.3 HIGH]

Privilege Escalation Information Disclosure Ludashi Driver
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges. [CVSS 8.8 HIGH]

Privilege Escalation
NVD
EPSS 0% CVSS 6.2
MEDIUM POC This Month

its Sudo configuration contains a vulnerability that allows attackers to gain root access (CVSS 6.2).

DNS Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. [CVSS 7.8 HIGH]

Privilege Escalation Network Inventory Explorer
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH POC This Week

MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory. Attackers can replace the mysqld.exe with a malicious executable, which will execute with system privileges when the computer restarts. [CVSS 7.8 HIGH]

MySQL MariaDB Privilege Escalation
NVD Exploit-DB
EPSS 0% CVSS 7.7
HIGH POC This Week

Rocket.Chat versions prior to 6.12.0 expose the OAuth applications API endpoint to any authenticated user, allowing disclosure of sensitive credentials including client IDs and secrets regardless of user role or permissions. An attacker with valid credentials can enumerate OAuth applications and extract their secrets by knowing application IDs, potentially compromising integrated third-party applications. Public exploit code exists for this vulnerability and no patch is currently available.

Privilege Escalation Rocket.Chat
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

NVIDIA NSIGHT Graphics for Linux contains a vulnerability where an attacker could cause command injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and denial of service. [CVSS 7.8 HIGH]

Linux Industrial Denial Of Service +3
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

BLUVOYIX admin APIs allow unauthenticated creation of admin users, enabling complete platform takeover.

Privilege Escalation Authentication Bypass Bluvoyix
NVD
EPSS 0%
This Week

Lack of authorization of the InputManager D-Bus interface in InputPlumber versions before v0.63.0 can lead to local Denial-of-Service, information leak or even privilege escalation in the context of the currently active user session.

Privilege Escalation
NVD
EPSS 7% CVSS 9.8
CRITICAL POC Act Now

Modular DS WordPress plugin (through 2.5.1) has incorrect privilege assignment allowing unauthenticated privilege escalation. Maximum CVSS 10.0 with scope change, EPSS 6.8%.

Privilege Escalation
NVD
EPSS 0% CVSS 5.7
MEDIUM This Month

Harmonyos versions up to 6.0.0 is affected by permissions, privileges, and access controls (CVSS 5.7).

Privilege Escalation Harmonyos
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Teamspeak versions up to 3.5.6 is affected by incorrect permission assignment for critical resource (CVSS 7.8).

Privilege Escalation Teamspeak
NVD Exploit-DB
EPSS 0% CVSS 6.2
MEDIUM POC This Month

Cyclades Serial Console Server 3.3.0 contains a local privilege escalation vulnerability due to overly permissive sudo privileges for the admin user and admin group. [CVSS 6.2 MEDIUM]

Privilege Escalation
NVD Exploit-DB
Prev Page 17 of 148 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy