Home/CWE/Incorrect Privilege Assignment
Weakness

Incorrect Privilege Assignment

CWE-266 · Base · Draft

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Weakness Relationships

Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOfCWE-269 · Improper Privilege Management
Children (more specific)
ParentOfCWE-1022 · Use of Web Link to Untrusted Target with window.opener Access
ParentOfCWE-1268 · Policy Privileges are not Assigned Consistently Between Control and Data Agents
ParentOfCWE-520 · .NET Misconfiguration: Use of Impersonation
ParentOfCWE-556 · ASP.NET Misconfiguration: Use of Identity Impersonation
ParentOfCWE-9 · J2EE Misconfiguration: Weak Access Permissions for EJB Methods
Related
CanAlsoBeCWE-286 · Incorrect User Management

CVEs With This Weakness

836
A sample of the 836 CVEs tagged with this weakness.
CVECVE-2026-8752
CVECVE-2026-8747
CVECVE-2026-8743
CVECVE-2026-8241
CVECVE-2026-8233
CVECVE-2026-8148
CVECVE-2026-8127
CVECVE-2026-7713
CVECVE-2026-7709
CVECVE-2026-7686
CVECVE-2026-7644
CVECVE-2026-7631

Nuclei Scanner Templates

2
Open-source Nuclei templates that detect this weakness class - an actionable scan-for-it pivot. Licensed under the ProjectDiscovery / Nuclei terms.
criticalOttoKit < 1.0.83 - SureTriggers allows Privilege Escalation
criticalWordPress LiteSpeed Cache - Unauthenticated Privilege Escalation to Admin
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin