CWE-280

CWE-280

No catalog description on file. The MITRE CWE site has the canonical reference.

CVEs (total)

5

Critical

0

High

2

Medium

2

Low

0

Severity distribution

Recent CVEs

showing 5 of 5

CVE-2024-29748High· 7.8KEVEPSS 0%22 h ago
Android Pixel Privilege Escalation Vulnerability
CVE-2026-9792Medium· 6.5EPSS 0%2 d ago
A flaw was found in Keycloak's Client Policies, specifically within the `org.keycloak.protocol.oidc` component. When certain condition providers (client-type, client-roles, client-attributes, client-scopes) are used to enforce security rest
CVE-2026-2340Medium· 6.5EPSS 0%2 d ago
A flaw was found in Samba’s vfs_worm module. The module is intended to provide write-once, read-many (WORM) protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename oper
CVE-2026-40371High· 8.8EPSS 0%3 d ago
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to elevate privileges over a network.
CVE-2026-11764—EPSS 0%4 d ago
When creating an export of all reusable media, the secrets of connected gift cards were included in the export even if the user creating the export does not have permission to view gift cards. This is inconsistent with the UI and API whe

CWE catalog data sourced from MITRE. CVE associations come from NVD weakness mappings; some CVEs carry multiple CWEs.