QSearchQSearch

CVE-2026-10855

4.3 MEDIUM

An authorization flaw existed in the MISP Event Template Importer overwrite workflow

Published: 2026-06-04 · Last updated: 2026-06-08

Severity and scoring

CVSS
4.3 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CWE
CWE-862

Affected products

VendorProduct
mispmisp

Description

An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already existed but did not verify that the importing user belonged to the organization that owned the existing template. As a result, an authenticated user with access to the template import functionality could forcibly overwrite an event template owned by another organization. Successful exploitation could allow unauthorized modification of another organization’s event template, potentially altering template structure, attributes, or metadata used for subsequent event creation or sharing workflows. Site administrators are not affected by this restriction, as they are explicitly allowed to overwrite templates across organizations. The issue was fixed by enforcing an ownership check before overwrite: non-site-admin users may only overwrite templates owned by their own organization.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-10864 A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields we... (4.3 MEDIUM)
  • CVE-2026-10863 A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlle... (8.1 HIGH)
  • CVE-2026-10860 A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method (6.5 MEDIUM)
  • CVE-2026-10861 An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url... (6.1 MEDIUM)
  • CVE-2026-10856 A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while bei... (6.1 MEDIUM)

Same CWE

  • CVE-2026-53818 OpenClaw before 2026.4.24 contains an authorization bypass vulnerability in the MCP loopback feature that allows non-owner callers to ski... (6.6 MEDIUM)
  • CVE-2026-53816 OpenClaw before 2026.5.18 contains an insufficient provenance validation vulnerability in node event handling that allows paired nodes to... (7.2 HIGH)
  • CVE-2026-53815 OpenClaw before 2026.5.19 contains an authorization bypass vulnerability in message read actions that skips channel allowlist checks (6.5 MEDIUM)
  • CVE-2026-47163 Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support
  • CVE-2026-4764 A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authentica...