Vulnerability in OpenCTI Platform Enabling Unauthorized Deletion of Sensitive Data
CVE-2026-21886

6.5 MEDIUM

Key Information:

CVE Published:
17 March 2026

What is CVE-2026-21886?

OpenCTI, an open-source platform for managing cyber threat intelligence, contains a vulnerability that allows a malicious user to misuse GraphQL mutations, specifically 'IndividualDeletionDeleteMutation', to delete unrelated entities. The API does not validate that the object targeted by the deletion is of the type the mutation is intended for, so a user can remove objects the mutation was never meant to reach, including analysis reports, compromising the integrity of the platform's data. The issue is fixed in version 6.9.1; the underlying lesson is that a type-specific mutation must verify the type of its target before acting on it.
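The bug class described above, as an added illustration that is not OpenCTI's code: a constructed in-memory store with a type-specific deletion resolver written both in the vulnerable shape (trusts the supplied id) and in the hardened shape (refuses unless the loaded entity is of the expected type). All names, ids and the store layout are hypothetical.

```javascript
// Constructed sample store: ids map to entities that carry an entity_type,
// mirroring the idea of a deletion mutation scoped to one type (Individual).
function makeStore() {
  return new Map([
    ['individual--1', { entity_type: 'Individual', name: 'Jane Doe' }],
    ['report--1', { entity_type: 'Report', name: 'Quarterly analysis' }],
  ]);
}

// Vulnerable shape: the Individual deletion resolver removes whatever the
// supplied id points at, so a Report can be removed through it.
function deleteIndividualVulnerable(store, id) {
  if (!store.has(id)) throw new Error('Not found');
  store.delete(id);
  return id;
}

// Hardened shape: load the entity first and refuse unless its type matches
// the type this mutation is defined for.
function deleteIndividualHardened(store, id) {
  const entity = store.get(id);
  if (!entity) throw new Error('Not found');
  if (entity.entity_type !== 'Individual') {
    throw new Error(`Expected Individual, got ${entity.entity_type}`);
  }
  store.delete(id);
  return id;
}

// Runs both resolvers against a Report id and reports whether the Report
// survived and whether the hardened resolver refused the request.
function demo() {
  const vulnerable = makeStore();
  deleteIndividualVulnerable(vulnerable, 'report--1');
  const hardened = makeStore();
  let refused = false;
  try { deleteIndividualHardened(hardened, 'report--1'); } catch (e) { refused = true; }
  return {
    reportSurvivesVulnerable: vulnerable.has('report--1'),
    reportSurvivesHardened: hardened.has('report--1'),
    hardenedRefused: refused,
  };
}
```

The same type check belongs in every type-scoped mutation, not only deletion, and a refused call is worth logging since it indicates an id of the wrong type being passed deliberately.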

Affected Version(s)

opencti < 6.9.1

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Note: the impact components listed above (Confidentiality, Integrity and Availability all None) do not reproduce a 6.5 base score under CVSS 3.1; confirm the full vector against the upstream advisory before relying on these fields.

Timeline

  • Vulnerability published: 17 March 2026