CWE-276
Incorrect Default Permissions
MITRENo catalog description on file. The MITRE CWE site has the canonical reference.
Recent CVEs
showing 9 of 9- CVE-2024-51378Critical· 10.0KEVEXPLOITEPSS 94%22 h ago
CyberPanel Incorrect Default Permissions Vulnerability
- CVE-2022-22948Medium· 6.5KEVEXPLOITEPSS 26%22 h ago
VMware vCenter Server Incorrect Default File Permissions Vulnerability
- CVE-2024-55956Critical· 9.8KEVEXPLOITEPSS 91%22 h ago
Cleo Multiple Products Unauthenticated File Upload Vulnerability
- CVE-2024-51567Critical· 10.0KEVEXPLOITEPSS 94%22 h ago
CyberPanel Incorrect Default Permissions Vulnerability
- CVE-2026-33590High· 8.5EPSS 0%1 d ago
Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings t
- CVE-2025-24170High· 7.8EPSS 0%1 d ago
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
- CVE-2016-20029Medium· 6.2EPSS 0%4 d ago
ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access con
- CVE-2025-57849Medium· 6.4EPSS 0%7 d ago
A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands
- CVE-2025-8766Medium· 6.4EPSS 0%7 d ago
A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacke
CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.