Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Missing Authorization vulnerability in Quý Lê 91 Administrator Z administrator-z allows Privilege Escalation.This issue affects Administrator Z: from n/a through <= 2025.03.24.
CVE-2026-6356
CRITICAL CVSS 9.6
Find Similar
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive
QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privilege escalation vulnerability, which may allow a user who can log in to a Windows system with the affected product to gain administra
Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally.
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated user to potentially enable escalation of privilege via local access.
phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users
In geniezone, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privi
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installa
CVE-2026-21533
HIGH CVSS 7.8 KEV
Find Similar
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation.  Note: Software versions which
Improper access control in some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2026-24306
CRITICAL CVSS 9.8
Find Similar
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39938.
Incorrect execution-assigned permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installer before version 23.1.1 may allow an authenticated user to potentially enable escalat
CVE-2026-33825
HIGH CVSS 7.8 KEV
Find Similar
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate privileges locally.