PatchSiren cyber security CVE debrief
CVE-2026-10855 misp CVE debrief
An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already existed but did not verify that the importing user belonged to the organization that owned the existing template. As a result, an authenticated user with access to the template import functionality could forcibly overwrite an event template owned by another organization.
- Vendor: misp
- Product: Unknown
- CVSS: MEDIUM 5.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-04
- Original CVE updated: 2026-06-08
- Advisory published: 2026-06-04
- Advisory updated: 2026-06-08
Who should care
Site administrators and users with access to the template import functionality in MISP installations.
Technical summary
The issue was fixed by enforcing an ownership check before overwrite: non-site-admin users may only overwrite templates owned by their own organization.
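The check described above, as an added example: a simplified Python model of the overwrite decision, not MISP's code and not taken from the patch. All names (`User`, `Template`, `import_unpatched`, `import_patched`), the UUID matching key and the rule that an overwrite keeps the original owner are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class User:
    org_id: int
    site_admin: bool = False

@dataclass
class Template:
    uuid: str    # assumed key used to find "a matching template"
    org_id: int  # owning organization
    body: str

class Forbidden(Exception):
    """Caller is not allowed to overwrite this template."""

def _save(store, user, incoming, existing):
    # Assumption: an overwrite keeps the original owner and replaces the content.
    owner = existing.org_id if existing is not None else user.org_id
    store[incoming.uuid] = Template(incoming.uuid, owner, incoming.body)
    return store[incoming.uuid]

def import_unpatched(store, user, incoming, overwrite=False):
    """Behaviour described for the flaw: existence is checked, ownership is not."""
    existing = store.get(incoming.uuid)
    if existing is not None and not overwrite:
        raise ValueError("template already exists")
    return _save(store, user, incoming, existing)

def import_patched(store, user, incoming, overwrite=False):
    """Fixed behaviour: non-site-admins may only overwrite their own org's templates."""
    existing = store.get(incoming.uuid)
    if existing is not None:
        if not overwrite:
            raise ValueError("template already exists")
        if not user.site_admin and existing.org_id != user.org_id:
            raise Forbidden("template is owned by another organization")
    return _save(store, user, incoming, existing)

def constructed_store():
    # Constructed sample data: one template owned by organization 1.
    return {"tpl-1": Template("tpl-1", 1, "original")}
```

The ownership test runs only on the overwrite path, so importing a template that does not yet exist is unaffected, and site admins keep the ability to overwrite any organization's template.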
Defensive priority
MEDIUM
Recommended defensive actions
- Apply the patch: https://github.com/MISP/MISP/commit/7c2200d143bef86aaf58d701b6968a843097db69 (ref-4)
Evidence notes
The CVSS score for this vulnerability is 5.1 (MEDIUM).
Official resources
- CVE-2026-10855 CVE record: CVE.org
- CVE-2026-10855 NVD detail: NVD
- Source item URL: nvd_modified
- Mitigation or vendor reference: 5a6e4751-2f3f-4070-9419-94fb35b644e8 - Patch
CVE-2026-10855 was published on 2026-06-04T14:16:37.797Z and modified on 2026-06-08T14:03:35.103Z.