MISP Vulnerability Allows Unauthorized Sharing Group Manipulation
CVE-2026-54397
6.1MEDIUM
What is CVE-2026-54397?
A vulnerability in MISP's non-REST event editing path permits authenticated users with event edit permissions to bypass sharing group restrictions. By manipulating form data, they can assign an event to an unauthorized sharing group when distribution settings allow sharing group distribution. The non-REST save path does not validate the user's authorization correctly, leading to potential exposure of restricted sharing groups and unintended changes to event metadata. This issue has been addressed by implementing checks to ensure that users can only assign events to sharing groups they are authorized to use.
Affected Version(s)
misp 0 < 2.5.40
