Stored Cross-Site Scripting Vulnerability in CTI Transmute by MISP
CVE-2026-9806

6.3 MEDIUM

Key Information:

Vendor: MISP
CVE Published: 28 May 2026

What is CVE-2026-9806?

A stored cross-site scripting vulnerability exists in the notification panel of CTI Transmute. Notification messages containing user-controlled convert names are rendered with innerHTML without sufficient sanitization. An attacker could craft a malicious convert name to inject arbitrary JavaScript, which would execute in the browser context of an authenticated user when they interact with the notification panel. Successful exploitation can lead to unauthorized actions or information exposure. The vulnerability was remediated by constructing notification elements through DOM methods and using textContent to present notification message content.
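The pattern described above and its fix, as an added example that is not CTI Transmute's own code: the function names, the message text, the stub DOM and the sample convert name are all assumptions made for illustration.

```javascript
// Added illustration; function names and message text are hypothetical.

// BEFORE: the user-controlled convert name is concatenated into markup and
// handed to innerHTML, so any tags it contains are parsed as HTML.
function renderUnsafe(panel, convertName) {
  panel.innerHTML =
    '<div class="notification">Convert "' + convertName + '" finished</div>';
}

// AFTER: the element is built with DOM methods and the message is assigned
// through textContent, which stores it as text and never parses it.
function renderSafe(doc, panel, convertName) {
  const item = doc.createElement("div");
  item.className = "notification";
  item.textContent = 'Convert "' + convertName + '" finished';
  panel.appendChild(item);
  return item;
}

// Minimal DOM stand-in (assumption) so the file runs under Node.
// In a browser, pass the real `document` and a real panel element instead.
class StubElement {
  constructor(tag) {
    this.tag = tag; this.className = ""; this.innerHTML = "";
    this.text = ""; this.children = [];
  }
  set textContent(value) { this.children = []; this.text = String(value); }
  get textContent() { return this.text; }
  appendChild(child) { this.children.push(child); return child; }
}
const stubDocument = { createElement: (tag) => new StubElement(tag) };

// Serialise the way a browser does: text content is HTML-escaped.
function serialize(el) {
  const esc = (s) =>
    s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
  return `<${el.tag} class="${el.className}">${esc(el.text)}` +
    el.children.map(serialize).join("") + `</${el.tag}>`;
}

function demo() {
  const convertName = "report<img src=x>"; // constructed sample input
  const unsafePanel = new StubElement("div");
  renderUnsafe(unsafePanel, convertName);
  const item = renderSafe(stubDocument, new StubElement("div"), convertName);
  return { unsafeMarkup: unsafePanel.innerHTML, safeMarkup: serialize(item) };
}
```

In the unsafe result the name's tag reaches the page as markup; in the safe result the same characters come out escaped and display as literal text.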

Affected Version(s)

cti-transmute 1.0

References

CVSS V4

Score: 6.3
Severity: MEDIUM
Confidentiality: Low
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

ecrou-exact 🔩