Description
Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.
CVE vulnerabilities with CWE-268 (22)
9.6
CVSS
CRITICAL
CVE-2023-0971
pub. 2023-06-21
8.8
CVSS
HIGH
CVE-2024-4877
pub. 2025-04-03
8.8
CVSS
HIGH
CVE-2023-0759
pub. 2023-02-09
8.5
CVSS
HIGH
CVE-2026-32325
pub. 2026-06-01
8.5
CVSS
HIGH
CVE-2025-64701
pub. 2025-12-11
8.5
CVSS
HIGH
CVE-2025-7973
pub. 2025-08-14
8.5
CVSS
HIGH
CVE-2025-2903
pub. 2025-04-17
7.8
CVSS
HIGH
CVE-2026-3888
pub. 2026-03-17
7.8
CVSS
HIGH
CVE-2024-47045
pub. 2024-09-26
7.8
CVSS
HIGH
CVE-2023-5839
pub. 2023-10-29
7.8
CVSS
HIGH
CVE-2019-3844
pub. 2019-04-26
7.4
CVSS
HIGH
CVE-2025-49741
pub. 2025-07-01
7.2
CVSS
HIGH
CVE-2025-2297
pub. 2025-07-28
7.2
CVSS
HIGH
CVE-2025-0889
pub. 2025-02-26
6.7
CVSS
MEDIUM
CVE-2023-2250
pub. 2023-04-24
6.5
CVSS
MEDIUM
CVE-2024-1299
pub. 2024-03-07
6.5
CVSS
MEDIUM
CVE-2024-1250
pub. 2024-02-12
6.0
CVSS
MEDIUM
CVE-2025-32955
pub. 2025-04-21
5.9
CVSS
MEDIUM
CVE-2025-36124
pub. 2025-08-12
5.1
CVSS
MEDIUM
CVE-2025-20112
pub. 2025-05-21
Showing 20 of 22 vulnerabilities