CVE-2026-54393

CVE-2026-54393 describes a stored XSS in MISP when the Overmind theme is active. The vulnerability stems from the setHomePage endpoint saving user-supplied paths via setSettingInternal(), bypassing validation in setSetting() (including validate_homepage that enforces a leading “/”). The attacker-...

PT-2026-48973

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description Multiple mass assignment issues exist in the handling of collections, tag collections, event delegations, and shadow attributes. Certain controller actions accept user-supplied fields that shoul...

CVE-2026-44379

Affected software: MISP (Threat Intelligence and Sharing Platform). Prior to version 2.5.37, MISP Collections did not enforce RFC 4122 UUID validation on the uuid field, allowing submission of malformed UUID values. This could lead to integrity issues or unexpected behavior in code paths assuming...

CVE-2026-44381 MISP: SQL injection via unvalidated ordering parameters in event and shadow attribute listings

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow attribute listing endpoints. The affected code accepted order or sort values from request paramete...

MISP modules 跨站请求伪造漏洞

MISP modules are scalable threat intelligence platform modules developed under the open-source MISP Project. They support import, export, expansion, and automated workflows. MISP modules 3.0.7 and earlier versions had a cross-site request forgery vulnerability. This vulnerability stemmed from the...

PT-2026-40807

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, MISP Collections did not enforce RFC 4122 UUID validation on the uuid field. As a result, a user able to create or modify Collection records could submit malformed UUID values, potentially causing integrity issues o...

PT-2026-40809

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, a SQL injection vulnerability existed in the handling of user-controlled ordering parameters in the event and shadow attribute listing endpoints. The affected code accepted order or sort values from request paramete...

CVE-2026-39962 LDAP injection in MISP ApacheAuthenticate when using a user-controlled Apache environment variable

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDAP injection via an unsanitized username value when ApacheAuthenticate.apacheEnv is configured to use a user-controlled...

CVE-2024-52844

creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:37+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:31+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...

CVE-2025-7531

creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:38+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...

CVE-2025-21799

creationtimestamp| type| source ---|---|--- 2025-08-22 14:52:22+00:00| seen| MISP/24306fae-b16b-4478-9297-d2973cdb583c...

CVE-2025-2794

creationtimestamp| type| source ---|---|--- 2025-03-31 16:33:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9689 2025-03-31 21:43:28+00:00| seen| https://t.me/cvedetector/21644 2025-08-10 18:27:44+00:00| seen| MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c 2025-09-10 07:47:56+00:00| seen|...

CVE-2025-25949

creationtimestamp| type| source ---|---|--- 2025-03-03 01:29:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6126 2025-03-03 02:58:43+00:00| seen| https://t.me/cvedetector/19280 2025-08-19 18:29:28+00:00| seen| MISP/1e8d1b5a-3537-4a30-907d-acb1720bbd18...

CVE-2025-1786

creationtimestamp| type| source ---|---|--- 2025-03-01 10:27:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6070 2025-03-01 12:16:03+00:00| seen| https://t.me/cvedetector/19228 2025-03-02 11:46:58+00:00| seen| Telegram/vdRzNlP426m6lJFCKYmqSHAel4wRmXumX0Kn4OWneuONNAR...

CVE-2025-24843

creationtimestamp| type| source ---|---|--- 2025-02-28 19:32:16+00:00| seen| https://t.me/cvedetector/19163 2025-02-28 22:27:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6015 2025-03-02 11:45:38+00:00| seen| Telegram/YhrIuRaaxOvic-tltQtazPDeUyYDoUK7zsc0lz6DbDNlsexr 2025-08-22...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Yeti - Your Everyday Threat Intelligence

Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables e.g. resolve domains, geolocate IPs so that you don't have to. Yeti provides an interface for humans shiny...