Lucene search
+L

86 matches found

OSV
OSV
added 2026/05/13 8:51 p.m.3 views

CVE-2026-44380 MISP: Improper access control in auth key reset allows privilege escalation to site administrator

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed an authenticated organization administrator to reset authentication keys belonging to site administrator accounts within...

8.6CVSS5.8AI score0.00403EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:50 p.m.6 views

CVE-2026-44381

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow attribute listing endpoints. The affected code accepted order or sort values from request paramete...

9.3CVSS5.9AI score0.0054EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

MISP SQL注入漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics, and it includes functions such as analysis of threats to network security and malware analysis. Prior to MISP 2.5.37, there was an S...

9.3CVSS5.9AI score0.0054EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.15 views

MISP 安全漏洞

MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics, and it includes features such as analysis of threats to network security and malware analysis. Prior to MISP 2.5.37, there were...

8.6CVSS5.8AI score0.00403EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.6 views

CVE-2026-39962

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDAP injection via an unsanitized username value when ApacheAuthenticate.apacheEnv is configured to use a user-controlled...

9.6CVSS5.8AI score0.00345EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/09 4:37 p.m.6 views

EUVD-2026-20966

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDAP injection via an unsanitized username value when ApacheAuthenticate.apacheEnv is configured to use a user-controlled...

8.8CVSS5.9AI score0.00345EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/09 4:37 p.m.3 views

CVE-2026-39962 LDAP injection in MISP ApacheAuthenticate when using a user-controlled Apache environment variable

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDAP injection via an unsanitized username value when ApacheAuthenticate.apacheEnv is configured to use a user-controlled...

8.8CVSS5.8AI score0.00345EPSS
Exploits0References4
OSV
OSV
added 2026/04/09 4:37 p.m.3 views

CVE-2026-39962 LDAP injection in MISP ApacheAuthenticate when using a user-controlled Apache environment variable

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDAP injection via an unsanitized username value when ApacheAuthenticate.apacheEnv is configured to use a user-controlled...

8.8CVSS6AI score0.00345EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/12/16 4:57 a.m.6 views

CVE-2025-67906

In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow execution path...

9CVSS6.5AI score0.00278EPSS
Exploits1References1
NVD
NVD
added 2025/11/28 7:15 a.m.8 views

CVE-2025-66384

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

8.2CVSS0.00322EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/28 12:0 a.m.6 views

EUVD-2025-199869

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmpname...

8.2CVSS6.4AI score0.00322EPSS
Exploits0References3
Circl
Circl
added 2025/10/01 6:11 p.m.7 views

CVE-2024-0331

creationtimestamp| type| source ---|---|--- 2025-10-01 18:11:56+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:27+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...

5.8AI score
Exploits0
Circl
Circl
added 2025/09/16 11:16 p.m.5 views

CVE-2024-43724

creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:33+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...

5.4CVSS5.1AI score0.00624EPSS
Exploits0
Circl
Circl
added 2025/09/09 8:56 p.m.5 views

CVE-2025-4049

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:44+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

8.6CVSS4.8AI score0.0016EPSS
Exploits0
Circl
Circl
added 2025/09/09 8:56 p.m.7 views

CVE-2025-7953

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:44+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

6.1CVSS5.9AI score0.0032EPSS
Exploits1
Circl
Circl
added 2025/09/09 8:51 p.m.12 views

CVE-2025-7613

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:37+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

8.8CVSS5.9AI score0.02619EPSS
Exploits1
Circl
Circl
added 2025/09/09 8:51 p.m.8 views

CVE-2025-53622

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:36+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

5.2CVSS5.7AI score0.00404EPSS
Exploits0
Circl
Circl
added 2025/08/31 3:13 a.m.8 views

CVE-2019-8031

creationtimestamp| type| source ---|---|--- 2025-08-31 03:13:14+00:00| seen| MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57...

9.8CVSS5.9AI score0.04888EPSS
Exploits0
Circl
Circl
added 2025/08/31 3:1 a.m.8 views

CVE-2020-0623

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:30+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

7.8CVSS5.9AI score0.00807EPSS
Exploits0
Circl
Circl
added 2025/07/24 3:0 a.m.13 views

CVE-2018-11714

creationtimestamp| type| source ---|---|--- 2025-07-24 03:00:16+00:00| published-proof-of-concept| Telegram/wODd61W5j1tuTHJwgIPrERYXEehViHv3tBlXAdVX0Rv5XjQ 2025-10-14 10:31:56+00:00| seen| MISP/a41d8549-5384-5e1a-8c33-bf88e35b5a0a 2026-01-26 00:00:00+00:00| exploited| The Shadowserver...

10CVSS7AI score0.36516EPSS
In wildExploits1References3
Rows per page
Query Builder