misp-project
Security Productsoss-project
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting misp-project.
- CVE-2026-10864MISP Dashboard widget field selection may expose restricted user and organisation data4.3
- CVE-2026-10863MISP User-controlled order parameter in correlations over-correlation endpoint8.1
- CVE-2026-10860MISP CRUDComponent delete validation bypass via operator precedence error6.5
- CVE-2026-10861MISP post-login open redirect via pre_login_requested_url6.1
- CVE-2026-10856Open redirect in MISP dashboard button widget URL handling6.1
- CVE-2026-10855MISP Event template importer authorization bypass4.3
- CVE-2026-10854Unauthorized exposure of private galaxies in MISP event template creation4.3
- CVE-2026-10611OTP bypass via plugin-based LDAP authentication in MISP when LDAP mixed authentication is enabled10.0
- CVE-2026-9137CSP Report Endpoint Log Flooding in MISP via Incorrect Size Limit7.5
- CVE-2026-9136Unauthorized ShadowAttribute modification in MISP via client-supplied identifier6.5
- CVE-2026-44379MISP: Improper UUID validation in MISP Collections5.3
- CVE-2026-44380MISP: Improper access control in auth key reset allows privilege escalation to site administrator7.2
- CVE-2026-44381MISP: SQL injection via unvalidated ordering parameters in event and shadow attribute listings5.3
- CVE-2026-8080MISP core - Stored XSS in MISP template (old engine) element attribute type5.4
- CVE-2026-39962LDAP injection in MISP ApacheAuthenticate when using a user-controlled Apache environment variable9.6