Privilege Escalation in MISP Core Controllers by Multiple Request Fields
CVE-2026-56422

9.4 CRITICAL

Key Information:

Vendor: Misp

Status
Vendor
CVE Published: 22 June 2026

What is CVE-2026-56422?

Multiple core controllers of the Monitoring Information Sharing Platform (MISP) improperly process client-supplied identifiers such as primary keys and foreign keys. An authenticated user can exploit this to manipulate data associated with objects other than the one intended. With a successfully crafted request, an attacker could overwrite existing objects, perform unauthorized transfers of ownership, or inject malicious content. To mitigate these risks, patches have been applied that enhance the validation of identifiers and enforce strict checks on ownership fields, ensuring only authorized edits are permitted.
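The class of flaw and the style of fix described above, as an added PHP example (not MISP's code and not the actual patch): an edit handler that merges the request body into the saved row, next to one that pins identity and ownership to the stored record. All field names, function names and sample data are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical field names for illustration; not taken from MISP's schema.
const IDENTITY_FIELDS  = ['id', 'uuid'];           // which row is edited
const OWNERSHIP_FIELDS = ['org_id', 'parent_id'];  // who owns it, what it belongs to
const EDITABLE_FIELDS  = ['title', 'comment'];     // what a user may change

/** Weak pattern: the request body decides which row is saved and who owns it. */
function buildSaveUnsafe(array $stored, array $request): array
{
    return array_merge($stored, $request);
}

/**
 * Hardened pattern: the caller must be authorised for the stored row, identity
 * and ownership come from that row, and only allowlisted fields are copied.
 */
function buildSaveSafe(array $stored, array $request, array $user): array
{
    if ($stored['org_id'] !== $user['org_id'] && !$user['is_admin']) {
        throw new RuntimeException('not authorised to edit this object');
    }
    foreach (array_merge(IDENTITY_FIELDS, OWNERSHIP_FIELDS) as $field) {
        // Reject rather than silently drop, so tampering is visible in logs.
        if (array_key_exists($field, $request)
            && (string)$request[$field] !== (string)$stored[$field]) {
            throw new InvalidArgumentException("field '$field' may not be changed");
        }
    }
    $changes = array_intersect_key($request, array_flip(EDITABLE_FIELDS));
    return array_merge($stored, $changes);
}

// Constructed sample data: the body names a different row and a different owner.
$stored  = ['id' => 10, 'uuid' => 'aaaa', 'org_id' => 1, 'parent_id' => 5, 'title' => 'old', 'comment' => ''];
$user    = ['org_id' => 1, 'is_admin' => false];
$request = ['id' => 99, 'org_id' => 2, 'title' => 'new'];

$unsafe = buildSaveUnsafe($stored, $request);
echo "unsafe save targets id={$unsafe['id']} org_id={$unsafe['org_id']}\n";
try {
    buildSaveSafe($stored, $request, $user);
} catch (InvalidArgumentException $e) {
    echo "safe save rejected: {$e->getMessage()}\n";
}
$ok = buildSaveSafe($stored, ['title' => 'new'], $user);
echo "safe save targets id={$ok['id']} org_id={$ok['org_id']} title={$ok['title']}\n";
```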

Affected Version(s)

misp 0 <= 2.5.41

CVSS V4

Score: 9.4
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Andras Iklody
Jeroen Pinoy
Claude (the international export version)