Privilege Escalation Vulnerability in OpenCTI by OpenCTI Platform
CVE-2026-27960

9.8 CRITICAL

Key Information:

Status:
Vendor:
CVE Published: 5 May 2026

What is CVE-2026-27960?

The OpenCTI platform contains a privilege escalation vulnerability that allows an unauthenticated attacker to use the API as any existing user, including the default administrator. The flaw affects versions 6.6.0 through 6.9.12. Users are encouraged to upgrade to version 6.9.13, which contains the fix. As a temporary workaround until the upgrade is applied, disabling the default admin account via the APP__ADMIN__EXTERNALLY_MANAGED configuration setting is recommended.

Affected Version(s)

opencti >= 6.6.0, < 6.9.13

References

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved