CWE-286

Total CVEs: 11
Critical: 4
High: 4
Avg CVSS: 7.9

Yearly Trend

2025: 6
2024: 4
2021: 1

Top Affected Vendors

1. Fortinet: 1
2. Dell: 1
3. IBM: 1
4. Trend Micro: 1
5. Weblate: 1
6. Rockwell Automation: 1
7. Canonical: 1
8. Summer Pearl Group: 1
9. CS-Cart: 1
10. Hitachi Energy: 1

All CWE-286 CVEs (11)

CVE-2025-64725
CVSS 9.8 | Dec 15, 2025
This vulnerability in Weblate allows one user to accept an invitation that was opened by another user, potentially leading to unauthorized access or p...

CVE-2023-26689
CVSS 9.8 | Sep 25, 2024
This vulnerability allows attackers to modify any user's profile in CS-Cart MultiVendor 4.16.1 through crafted POST requests due to insufficient autho...

CVE-2025-7972
CVSS 9.1 | Aug 14, 2025
This vulnerability allows attackers to bypass FTSP token validation in FactoryTalk Linx Network Browser by setting the NODE_ENV environment variable t...

CVE-2024-48853
CVSS 9.0 | May 22, 2025
This CVE describes a privilege escalation vulnerability in ABB's ASPECT software that allows authenticated non-root users to gain root access to the s...

CVE-2024-28020
CVSS 8.0 | Jun 11, 2024
This vulnerability allows a malicious high-privileged user in FOXMAN-UN/UNEM applications to reuse passwords and login credentials through complex rou...

CVE-2024-9312
CVSS 7.5 | Oct 10, 2024
CVE-2024-9312 is an authentication bypass vulnerability in authd where insufficient user ID randomization allows local attackers to spoof other users'...

CVE-2024-58105
CVSS 7.3 | Mar 25, 2025
This vulnerability in Trend Micro Apex One Security Agent Plug-in User Interface Manager allows a local attacker with low-privileged access to bypass ...

CVE-2021-21553
CVSS 7.3 | Aug 3, 2021
Dell PowerScale OneFS versions 8.1.0 through 9.1.0 contain an incorrect user management vulnerability that allows CompAdmin users to elevate privilege...

CVE-2024-27269
CVSS 6.8 | May 14, 2024
This vulnerability in IBM QRadar SIEM 7.5 allows privileged users to configure user management settings that could unintentionally expose sensitive in...

CVE-2025-63563
CVSS 6.5 | Oct 31, 2025
This vulnerability allows attackers with stolen session tokens to maintain access to user accounts even after legitimate users change their passwords....

CVE-2024-46671
CVSS 6.2 | Apr 8, 2025
This vulnerability allows authenticated attackers with read-only admin permissions in FortiWeb to manipulate other administrators' dashboard widgets v...

About CWE-286

Our database tracks 11 CVEs classified as CWE-286, with 4 rated critical and 4 rated high severity. The average CVSS score for CWE-286 vulnerabilities is 7.9.

External reference: View CWE-286 on MITRE CWE →
