CVE-2026-60125
CVE-2026-60125 affects MISP: the importModule() path used getEnabledModule() to resolve a module by name, but did not enforce per-organisation restrictions implemented by getEnabledModules(). This can allow an authenticated user from an organisation not allowed to use a restricted module (Plugin....