CWE-267Privilege Defined With Unsafe Actions

Abstraction: Base · CVEs in our corpus: 61

A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (0)AI

Control	Title	Family	Why it addresses this CWE
No NIST controls proposed yet.

Top CVEs of this weakness type, ranked by Risk Priority

CVE	Risk	CVSS	EPSS	Published
`CVE-2025-41244` KEV	3.6	7.8	0.0059	2025-09-29
`CVE-2024-42365`	3.4	7.4	0.3195	2024-08-08
`CVE-2024-55968`	2.4	8.8	0.1048	2025-01-28
`CVE-2023-22647`	2.0	9.9	0.0078	2023-06-01
`CVE-2026-29646`	2.0	9.8	0.0008	2026-04-20
`CVE-2020-29396`	1.9	8.8	0.0181	2020-12-22
`CVE-2021-32739`	1.8	8.8	0.0030	2021-07-15
`CVE-2021-23166`	1.8	8.7	0.0043	2023-04-25
`CVE-2021-23186`	1.8	8.7	0.0042	2023-04-25
`CVE-2021-44547`	1.8	9.1	0.0022	2023-04-25
`CVE-2023-2983`	1.8	8.8	0.0001	2023-05-30
`CVE-2023-44218`	1.8	8.8	0.0008	2023-10-03
`CVE-2024-39866`	1.8	8.8	0.0018	2024-07-09
`CVE-2025-23015`	1.8	8.8	0.0041	2025-02-04
`CVE-2025-26467`	1.8	8.8	0.0007	2025-08-25
`CVE-2026-23526`	1.8	8.8	0.0005	2026-01-21
`CVE-2026-0945`	1.8	8.8	0.0002	2026-02-04
`CVE-2025-14349`	1.8	8.8	0.0003	2026-02-13
`CVE-2026-27314`	1.8	8.8	0.0004	2026-04-07
`CVE-2023-43746`	1.7	8.7	0.0006	2023-10-10
`CVE-2024-32901`	1.6	7.8	0.0003	2024-06-13
`CVE-2024-5622`	1.6	7.8	0.0007	2024-08-29
`CVE-2024-5623`	1.6	7.8	0.0008	2024-08-29
`CVE-2024-47906`	1.6	7.8	0.0037	2024-11-12
`CVE-2024-7571`	1.6	7.8	0.0022	2024-11-12