LDAP Injection in MISP Threat Intelligence Platform by Risky Server Configurations
CVE-2026-39962

8.8 HIGH

Key Information:

Vendor: Misp

Status
Vendor
CVE Published: 9 April 2026

What is CVE-2026-39962?

The MISP Threat Intelligence Platform is vulnerable to LDAP injection because special characters are not properly handled when LDAP queries are built in the ApacheAuthenticate.php file. If MISP is configured to take the username from a user-controlled server variable, attackers can use unsanitized username values to alter LDAP search filters. This could result in unauthorized queries, bypass of authentication measures and exposure of sensitive data. The issue affects all versions prior to 2.5.36, and users are strongly encouraged to upgrade to the latest version.
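An added illustration of the flaw class described above, written in Python; it is not MISP's code and not part of the advisory. It builds an LDAP search filter from a username with and without RFC 4515 escaping and compares the resulting filter structure. The filter template, attribute names and sample usernames are constructed assumptions.

```python
import re

# RFC 4515 section 3: NUL, '(', ')', '*' and '\' may appear in an
# assertion value only as a backslash followed by two hex digits.
_SPECIAL = re.compile(r'[\x00()*\\]')

def escape_filter_value(value: str) -> str:
    """Escape a string for use as a literal value inside a search filter."""
    return _SPECIAL.sub(lambda m: "\\%02x" % ord(m.group()), value)

# Hypothetical search template; attribute names are assumptions.
TEMPLATE = "(&(objectClass=person)(uid=%s))"

def build_filter(username: str, escape: bool = True) -> str:
    """Interpolate the username, escaped (hardened) or raw (vulnerable)."""
    value = escape_filter_value(username) if escape else username
    return TEMPLATE % value

def leaf_assertions(ldap_filter: str) -> list:
    """Return the (attribute, value) leaves found in a filter string."""
    return re.findall(r'\(([A-Za-z][\w;.-]*)=([^()]*)\)', ldap_filter)

def structure_preserved(username: str, escape: bool = True) -> bool:
    """True if the filter still has the template's two leaves and the
    uid value contains no unescaped wildcard."""
    leaves = leaf_assertions(build_filter(username, escape))
    return (len(leaves) == 2 and leaves[1][0] == "uid"
            and "*" not in leaves[1][1])

if __name__ == "__main__":
    # Constructed sample values, as they might arrive in a server variable.
    for name in ["jdoe", "j*", "jdoe)(cn=x"]:
        print(repr(name))
        print("  raw    :", build_filter(name, escape=False),
              structure_preserved(name, escape=False))
        print("  escaped:", build_filter(name), structure_preserved(name))
```

In PHP, `ldap_escape($value, '', LDAP_ESCAPE_FILTER)` applies the same escaping to a filter value.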

Affected Version(s)

MISP < 2.5.36

CVSS V4

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: Unknown
