Lucene search
K

6 matches found

NVD
NVD
added 2026/06/12 9:16 p.m.12 views

CVE-2026-54396

An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.userid value from the submitted request data. An authenticated user with...

5.3CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 8:48 p.m.16 views

CVE-2026-54396

CVE-2026-54396 describes an information disclosure in the MISP AuthKey edit functionality. When a validation error occurs, the user dropdown was populated from the attacker-controlled AuthKey.user_id in the submitted request, enabling an authenticated user with edit permission to enumerate user e...

5.3CVSS5.5AI score0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 8:48 p.m.9 views

EUVD-2026-36572

An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.userid value from the submitted request data. An authenticated user with...

5.3CVSS5.5AI score0.00247EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 8:48 p.m.6 views

CVE-2026-54396 MISP AuthKey edit endpoint allows authenticated user email enumeration

An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.userid value from the submitted request data. An authenticated user with...

5.3CVSS5.5AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 8:48 p.m.29 views

CVE-2026-54396 MISP AuthKey edit endpoint allows authenticated user email enumeration

An information disclosure vulnerability exists in the MISP AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown was populated using the attacker-controlled AuthKey.userid value from the submitted request data. An authenticated user with...

5.3CVSS0.00247EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.23 views

PT-2026-48998

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description An information disclosure issue exists in the AuthKey edit functionality. When a validation error occurs during an AuthKey edit request, the user dropdown is populated using the AuthKey.user id...

5.3CVSS5.4AI score0.00247EPSS
Exploits0References3
Rows per page
Query Builder