Multiple Vulnerabilities in MISP Allowing Privilege Escalation, SQL Injection, and Security Policy Bypass

72% confidence

Description

Multiple vulnerabilities have been discovered in MISP versions prior to 2.5.37 that allow an attacker to perform privilege escalation, SQL injection (SQLi), and bypass security policies.

Affected Products

Vendor	Product	Versions
misp project	misp	< 2.5.37

Related News (1 articles)

Tier B

CERT-FR17h ago

Multiples vulnérabilités dans MISP (30 avril 2026)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

2.5.37

CWECWE-89, CWE-264

PublishedApr 30, 2026

Last enriched3h ago

Multiple Vulnerabilities in MISP Allowing Privilege Escalation, SQL Injection, and Security Policy Bypass

Description

Affected Products

Related News (1 articles)

Community Vote

Pin to Dashboard

Verification

Vulnerability Timeline