Lucene search
K

159 matches found

Cvelist
Cvelist
added 2026/06/04 2:39 p.m.33 views

CVE-2026-10868 MISP user edit endpoint mass assignment vulnerability allows unauthorized user account modification

A mass assignment vulnerability exists in the MISP user edit functionality due to insufficient filtering of user-supplied fields in UsersController::edit. When processing edit requests, the application accepted a user-controlled User.id value from request data. An authenticated attacker could cra...

9CVSS0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.16 views

PT-2026-46226

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description A URL validation flaw in the dashboard button widget allows a crafted relative-looking URL to be accepted as a local path while browsers interpret it as an external URL. The validation process...

6.1CVSS5.4AI score0.00148EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analysis of threats to network security and malware analysis. MISP has a security vulnerability...

5.1CVSS5.4AI score0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analysis of threats to network security and malware analysis. MISP has a security vulnerability,...

5.3CVSS5.4AI score0.00176EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes features for analyzing threats to network security and malware analysis. MISP has a security vulnerability, which...

6.1CVSS5.4AI score0.00148EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 12:48 p.m.9 views

CVE-2026-10611 OTP bypass via plugin-based LDAP authentication in MISP when LDAP mixed authentication is enabled

An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments configured with LdapAuth.mixedAuth=true and Security.requireotp=true, users authenticated through an authentication plugin, such as LDAP, may have their authenticat...

8.2CVSS5.8AI score0.00353EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/20 2:22 p.m.10 views

CVE-2026-9084 MISP OIDC authentication bypass via automatic email-based account linking under insecure IdP configurations

MISP’s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing local user account based on the email claim when the local account had no stored sub value. Under insecure or untrusted IdP configurations where email ownership is not enforced, an attacker with a valid...

6CVSS5.8AI score0.00182EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.9 views

MISP 输入验证错误漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics, and it includes features such as analysis of threats to network security and malware analysis. Prior to MISP 2.5.37, there was a...

5.3CVSS5.8AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2025/12/15 3:25 a.m.13 views

CVE-2025-67906

CVE-2025-67906 affects MISP prior to 2.5.28, where the app/View/Elements/Workflows/executionPath.ctp component is vulnerable to XSS due to improper handling of user-supplied data in the workflow execution path. This could allow injected scripts to run in a user’s browser. Remediation: upgrade to ...

9CVSS6.1AI score0.00273EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-5666

Malware in sbrugna...

10CVSS9.5AI score0.02268EPSS
Exploits0References4
Circl
Circl
added 2025/09/25 12:36 a.m.9 views

CVE-2024-52423

creationtimestamp| type| source ---|---|--- 2025-09-25 00:36:28+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

6.5CVSS5.8AI score0.00228EPSS
Exploits0
Circl
Circl
added 2025/09/16 11:16 p.m.6 views

CVE-2024-43722

creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:32+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...

5.4CVSS5.6AI score0.00624EPSS
Exploits0
Circl
Circl
added 2025/09/16 11:16 p.m.4 views

CVE-2024-52837

creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:32+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...

5.4CVSS5.1AI score0.00877EPSS
Exploits0
Circl
Circl
added 2025/09/09 8:56 p.m.6 views

CVE-2025-20288

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:46+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

5.8CVSS4.8AI score0.00323EPSS
Exploits0
Circl
Circl
added 2025/09/09 8:56 p.m.4 views

CVE-2025-53867

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:45+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

9.8CVSS4.8AI score0.0073EPSS
Exploits0
Circl
Circl
added 2025/09/09 8:56 p.m.3 views

CVE-2025-1469

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:44+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

7.5CVSS4.8AI score0.0038EPSS
Exploits0
Circl
Circl
added 2025/09/09 8:56 p.m.5 views

CVE-2025-7949

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:44+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

6.1CVSS5.9AI score0.00297EPSS
Exploits1
Circl
Circl
added 2025/09/09 8:51 p.m.6 views

CVE-2025-7412

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:40+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

8.8CVSS5.9AI score0.00311EPSS
Exploits1
Circl
Circl
added 2025/09/09 8:51 p.m.4 views

CVE-2025-53634

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:40+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

8.7CVSS5.9AI score0.00444EPSS
Exploits0
Circl
Circl
added 2025/09/09 8:51 p.m.3 views

CVE-2025-7471

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:39+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

9.8CVSS5.9AI score0.00394EPSS
Exploits1
Rows per page
Query Builder