MISP Vulnerability Allows Unauthorized Sharing Group Manipulation
CVE-2026-54397

6.1MEDIUM

Key Information:

Vendor

Misp

Status
Vendor
CVE Published:
12 June 2026

What is CVE-2026-54397?

A vulnerability in MISP's non-REST event editing path permits authenticated users with event edit permissions to bypass sharing group restrictions. By manipulating form data, they can assign an event to an unauthorized sharing group when distribution settings allow sharing group distribution. The non-REST save path does not validate the user's authorization correctly, leading to potential exposure of restricted sharing groups and unintended changes to event metadata. This issue has been addressed by implementing checks to ensure that users can only assign events to sharing groups they are authorized to use.

Affected Version(s)

misp 0 < 2.5.40

References

CVSS V4

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jeroen Pinoy
Andras Iklody
.