Unauthorized Access Flaw in OpenCTI Platform
CVE-2025-46732

5.4 MEDIUM

Key Information:

  • Status
  • Vendor
  • CVE Published: 18 July 2025

What is CVE-2025-46732?

The OpenCTI platform, an open-source tool for managing cyber threat intelligence, is affected by an IDOR (insecure direct object reference) vulnerability in its GraphQL Notification mutations. The flaw allows an authenticated user to modify or delete notifications intended for other users, provided the attacker knows the UUID of the targeted notification. Specifically, the NotificationLineNotificationMarkReadMutation and NotificationLineNotificationDeleteMutation can be exploited, letting a user not only change the status of another user's notification but also read its contents. The issue underlines the need for object-level authorization checks in every mutation; it is fixed in version 6.6.6, and affected deployments should upgrade.
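As an added illustration of the pattern behind this class of bug (not OpenCTI's own code, which this page does not show), the JavaScript below models a notification store and two GraphQL-style mutation resolvers. The first checks only that the caller is authenticated, so any user who supplies another user's notification ID can mark it read and receive its contents back; the second loads the object and verifies that the caller owns it before mutating or returning it. All names (`markReadUnchecked`, `markReadChecked`, `deleteChecked`, `loadOwnedNotification`, the user ids and notification records) are constructed for this example.

```javascript
// Constructed sample data: two users, one notification each.
function seedNotifications() {
  return new Map([
    ['n-1', { id: 'n-1', user_id: 'alice', content: 'Report X updated', is_read: false }],
    ['n-2', { id: 'n-2', user_id: 'bob', content: 'New indicator ingested', is_read: false }],
  ]);
}

class ForbiddenError extends Error {}

// VULNERABLE PATTERN (hypothetical): authentication is checked, object ownership is not.
// Any authenticated caller who knows an id can flip the flag and read the content.
function markReadUnchecked(store, { id, read }, context) {
  if (!context.user) throw new ForbiddenError('unauthenticated');
  const n = store.get(id);
  if (!n) return null;
  n.is_read = read;
  return n; // leaks content of a foreign notification
}

// HARDENED PATTERN (hypothetical): resolve the object, then verify the caller owns it.
// Missing and foreign notifications both yield null so that guessed UUIDs cannot be
// used to confirm which ids exist.
function loadOwnedNotification(store, id, context) {
  if (!context.user) throw new ForbiddenError('unauthenticated');
  const n = store.get(id);
  if (!n || n.user_id !== context.user.id) return null;
  return n;
}

function markReadChecked(store, { id, read }, context) {
  const n = loadOwnedNotification(store, id, context);
  if (!n) return null;
  n.is_read = read;
  return n;
}

function deleteChecked(store, { id }, context) {
  const n = loadOwnedNotification(store, id, context);
  if (!n) return null;
  store.delete(id);
  return id;
}

// Scenario: bob targets alice's notification n-1 against both resolver variants.
function demo() {
  const bob = { user: { id: 'bob' } };
  const unchecked = seedNotifications();
  const leaked = markReadUnchecked(unchecked, { id: 'n-1', read: true }, bob);

  const checked = seedNotifications();
  const blocked = markReadChecked(checked, { id: 'n-1', read: true }, bob);
  const deleted = deleteChecked(checked, { id: 'n-1' }, bob);

  return {
    uncheckedModifiedForeign: leaked !== null && unchecked.get('n-1').is_read === true,
    uncheckedLeakedContent: leaked !== null && leaked.content,
    checkedBlocked: blocked === null && checked.get('n-1').is_read === false,
    checkedDeleteBlocked: deleted === null && checked.has('n-1'),
  };
}

console.log(JSON.stringify(demo()));
```

In a real GraphQL server the same check belongs in every resolver that takes an object id, or in a shared loader that every resolver must go through, so that adding a new mutation cannot silently reintroduce the gap.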

Affected Version(s)

opencti < 6.6.6

References

CVSS V3.1

  • Score: 5.4
  • Severity: MEDIUM
  • Confidentiality: Low
  • Integrity: Low
  • Availability: Low
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
