Description
The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.
Extended Description
When a weakness occurs in functionality that is accessible by lower-privileged users, then without strong boundaries, an attack might extend the scope of the damage to higher-privileged users.
CVE vulnerabilities with CWE-653 (66)
10.0
CVSS
CRITICAL
CVE-2026-43997
pub. 2026-05-13
10.0
CVSS
CRITICAL
CVE-2026-44005
pub. 2026-05-13
10.0
CVSS
CRITICAL
CVE-2026-4692
pub. 2026-03-24
9.8
CVSS
CRITICAL
CVE-2026-44009
pub. 2026-05-13
9.8
CVSS
CRITICAL
CVE-2026-8401
pub. 2026-05-12
9.8
CVSS
CRITICAL
CVE-2026-24781
pub. 2026-05-04
9.8
CVSS
CRITICAL
CVE-2026-26332
pub. 2026-05-04
9.8
CVSS
CRITICAL
CVE-2026-26956
pub. 2026-05-04
9.8
CVSS
CRITICAL
CVE-2025-1974
pub. 2025-03-25
9.8
CVSS
CRITICAL
CVE-2024-33768
pub. 2024-05-01
9.6
CVSS
CRITICAL
CVE-2026-12295
pub. 2026-06-16
9.6
CVSS
CRITICAL
CVE-2026-12297
pub. 2026-06-16
9.2
CVSS
CRITICAL
CVE-2026-0542
pub. 2026-02-25
9.1
CVSS
CRITICAL
CVE-2025-4083
pub. 2025-04-29
8.8
CVSS
HIGH
CVE-2025-5476
pub. 2025-06-21
8.5
CVSS
HIGH
CVE-2025-34201
pub. 2025-09-19
8.2
CVSS
HIGH
CVE-2024-23682
pub. 2024-01-19
8.2
CVSS
HIGH
CVE-2024-23683
pub. 2024-01-19
8.1
CVSS
HIGH
CVE-2025-12805
pub. 2026-03-26
8.1
CVSS
HIGH
CVE-2023-1305
pub. 2023-03-21
Showing 20 of 66 vulnerabilities