🚨 CVE-2022-47928
In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.
🎖@cveNotify
In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.
🎖@cveNotify
GitHub
fix: [security] XSS in the template file uploads · MISP/MISP@684d3e5
- as reported by Dawid Czarnecki from Zigrin Security
🚨 CVE-2023-24070
app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field.
🎖@cveNotify
app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field.
🎖@cveNotify
GitHub
fix: [security] XSS in authkey add · MISP/MISP@f7238fe
- as reported by Dawid Czarnecki from Zigrin Security
🚨 CVE-2023-28606
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
🎖@cveNotify
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
🎖@cveNotify
GitHub
fix: [security] XSS in event-graph node tooltips · MISP/MISP@30255b8
- as reported by Cyber Controls from SIX Group
🚨 CVE-2023-28607
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
🎖@cveNotify
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
🎖@cveNotify
GitHub
fix: [security] XSS in event-graph relationship tooltip · MISP/MISP@78f4234
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: [security] XSS in event-graph relationship tooltip · MISP/MISP@78f4234
🚨 CVE-2023-28884
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
🎖@cveNotify
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
🎖@cveNotify
GitHub
fix: [security] XSS in community index · MISP/MISP@b94c797
- As reported by Zigrin Security
🚨 CVE-2023-37306
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
🎖@cveNotify
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
🎖@cveNotify
GitHub
fix: properly handle different cert file extensions in server sync. #… · MISP/MISP@f125630
…9084
🚨 CVE-2023-37307
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
🎖@cveNotify
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
🎖@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
🚨 CVE-2023-48655
An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.
🎖@cveNotify
An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.
🎖@cveNotify
GitHub
fix: properly filter out query parameters · MISP/MISP@158c8b2
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: properly filter out query parameters · MISP/MISP@158c8b2
🚨 CVE-2023-48656
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
🎖@cveNotify
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
🎖@cveNotify
GitHub
fix: fixed invalid ordering errors · MISP/MISP@d6ad402
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: fixed invalid ordering errors · MISP/MISP@d6ad402
🚨 CVE-2023-48657
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
🎖@cveNotify
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
🎖@cveNotify
GitHub
chg: [restsearch internal] sanity check erroneous filters · MISP/MISP@08bd232
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - chg: [restsearch internal] sanity check erroneous filters · MISP/MISP@08bd232
🚨 CVE-2023-48658
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
🎖@cveNotify
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
🎖@cveNotify
GitHub
chg: [helper] Added param sanity check helper function · MISP/MISP@1686215
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - chg: [helper] Added param sanity check helper function · MISP/MISP@1686215
🚨 CVE-2023-48659
An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
🎖@cveNotify
An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
🎖@cveNotify
GitHub
fix: [internal] improved parameter parsing · MISP/MISP@37ecf81
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: [internal] improved parameter parsing · MISP/MISP@37ecf81
🚨 CVE-2026-32652
Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.
🎖@cveNotify
Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.
🎖@cveNotify
🚨 CVE-2026-2273
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of the subsequent system when an authenticated user opens a malicious project file.
🎖@cveNotify
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of the subsequent system when an authenticated user opens a malicious project file.
🎖@cveNotify
🚨 CVE-2026-40701
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optional," and the ssl_ocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this configuration, an unauthenticated attacker can send requests along with conditions beyond its control that may cause a heap-use-after-free error in the NGINX worker process. This vulnerability may result in limited modification of data or the NGINX worker process restarting.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optional," and the ssl_ocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this configuration, an unauthenticated attacker can send requests along with conditions beyond its control that may cause a heap-use-after-free error in the NGINX worker process. This vulnerability may result in limited modification of data or the NGINX worker process restarting.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
NGINX ngx_http_ssl_module vulnerability CVE-2026-40701
Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optional," and the ssl_ocsp directive is set to "on" or the leaf parameters are configured…
🚨 CVE-2026-41957
An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
BIG-IP and BIG-IQ Configuration utility vulnerability CVE-2026-41957
Security Advisory Description An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. (CVE-2026-41957) Impact This vulnerability may allow an authenticated attacker with network…
🚨 CVE-2026-42058
An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an information leak of BIG-IP local user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an information leak of BIG-IP local user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
iControl REST vulnerability CVE-2026-42058
Security Advisory Description An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an information leak of BIG-IP local user account names. (CVE-2026-42058) Impact This vulnerability allows for a remote authenticated attacker…
🚨 CVE-2026-42063
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
iControl SOAP vulnerability CVE-2026-42063
Security Advisory Description A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. (CVE-2026-42063) Impact This vulnerability may allow a remote, authenticated…
🚨 CVE-2026-42406
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
BIG-IP and BIG-IQ privilege escalation vulnerability CVE-2026-42406
Security Advisory Description A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. (CVE-2026…
🚨 CVE-2026-42408
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
BIG-IP DNS tmsh vulnerability CVE-2026-42408
Security Advisory Description When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell (tmsh) command that may allow a highly privileged authenticated attacker to view sensitive information. (CVE-2026-42408) Impact An authenticated…
🚨 CVE-2026-42409
When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
🎖@cveNotify
F5
BIG-IP HTTP/2 vulnerability CVE-2026-42409
Security Advisory Description When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. (CVE…