Server-Side Request Forgery (SSRF) Bypass in MISP-Modules by MISP
CVE-2026-62143

8.3HIGH

Key Information:

Vendor

Misp

Vendor
CVE Published:
13 July 2026

What is CVE-2026-62143?

A Server-Side Request Forgery (SSRF) bypass vulnerability exists in the html_to_markdown expansion module of MISP-Modules. The module attempts to restrict access to loopback and private IP addresses, but fails to correctly normalize IPv4-mapped IPv6 addresses. An authenticated attacker can exploit this flaw by supplying an IPv4-mapped IPv6 address or a resolving hostname, thereby bypassing the protection mechanism. This allows the attacker to potentially access internal services or cloud instance metadata, which could be returned as exploited Markdown content. The issue has been rectified by normalizing addresses prior to check application and rejecting invalid URLs.

Affected Version(s)

misp-modules 0

References

CVSS V4

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Alexandre Dulaunoy
George Chen
.