Description
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.
CVE vulnerabilities with CWE-280 (152)
9.9
CVSS
CRITICAL
CVE-2025-46066
pub. 2026-01-12
9.9
CVSS
CRITICAL
CVE-2024-25108
pub. 2024-02-12
9.8
CVSS
CRITICAL
CVE-2025-6573
pub. 2025-08-09
9.8
CVSS
CRITICAL
CVE-2024-24116
pub. 2024-10-02
9.8
CVSS
CRITICAL
CVE-2024-5163
pub. 2024-06-17
9.4
CVSS
CRITICAL
CVE-2026-41566
pub. 2026-06-25
9.2
CVSS
CRITICAL
CVE-2024-46874
pub. 2024-12-06
9.1
CVSS
CRITICAL
CVE-2024-1608
pub. 2024-02-20
8.8
CVSS
HIGH
CVE-2026-40371
pub. 2026-06-09
8.8
CVSS
HIGH
CVE-2025-8109
pub. 2025-08-04
8.8
CVSS
HIGH
CVE-2025-27025
pub. 2025-07-02
8.8
CVSS
HIGH
CVE-2025-31173
pub. 2025-04-07
8.8
CVSS
HIGH
CVE-2024-6660
pub. 2024-07-17
8.8
CVSS
HIGH
CVE-2024-36451
pub. 2024-07-10
8.8
CVSS
HIGH
CVE-2023-38298
pub. 2024-04-22
8.8
CVSS
HIGH
CVE-2024-22078
pub. 2024-03-20
8.8
CVSS
HIGH
CVE-2019-6570
pub. 2019-04-17
8.6
CVSS
HIGH
CVE-2026-2123
pub. 2026-03-31
8.4
CVSS
HIGH
CVE-2026-0047
pub. 2026-03-02
8.4
CVSS
HIGH
CVE-2024-51459
pub. 2025-03-19
Showing 20 of 152 vulnerabilities