CVE-2026-9137

Same vendor

• CVE-2026-10864 — A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields we... (4.3 MEDIUM)
• CVE-2026-10863 — A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlle... (8.1 HIGH)
• CVE-2026-10860 — A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method (6.5 MEDIUM)
• CVE-2026-10861 — An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url... (6.1 MEDIUM)
• CVE-2026-10856 — A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while bei... (6.1 MEDIUM)

Same CWE

• CVE-2026-12325 — Denial-of-service in the Graphics: ImageLib component (6.5 MEDIUM)
• CVE-2026-12319 — Denial-of-service in the Audio/Video: Playback component (6.5 MEDIUM)
• CVE-2026-50889 — An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service (DoS) via sending ... (7.5 HIGH)
• CVE-2026-50882 — An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service (DoS) via a crafted PO... (7.5 HIGH)
• CVE-2026-50879 — An issue in the uploadPostHandler component of Andrei Marcu linx-server v2.3.8 allows attackers to cause a Denial of Service (DoS) via a ... (7.5 HIGH)