PatchSiren cyber security CVE debrief
CVE-2026-54358 misp CVE debrief
CVE-2026-54358 is an incorrect authorization vulnerability in MISP that allows an organization administrator to target site administrator accounts belonging to the same organization through the administrative email functionality. The affected code restricted organization administrators to users within their own organization but did not exclude accounts assigned a site administrator role from recipient queries. This oversight enables an organization administrator to perform privileged account-management actions, such as initiating a password reset workflow, against a higher-privileged site administrator account within the same organization. Successful exploitation may allow an authenticated organization administrator to interfere with or potentially take over a site administrator account, resulting in privilege escalation and full compromise of the MISP instance’s confidentiality, integrity, and availability. The attacker must be authenticated as an organization administrator in the same organization as a site administrator account.
- Vendor: misp
- Product: Unknown
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Administrators of MISP instances should be aware of this vulnerability and take immediate action to mitigate the risk. This includes reviewing and updating access controls, ensuring proper authorization checks are in place, and monitoring for any suspicious activity.
Technical summary
The vulnerability has a CVSS score of 7.5 and is classified as HIGH severity. It is caused by an incorrect authorization check in the MISP administrative email functionality, allowing organization administrators to target site administrator accounts within their organization.
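To make the authorization flaw concrete, here is an added example that is not MISP's own code: a small model of the recipient query behind an administrative mail action, with the flawed organisation-only filter beside a corrected filter that also excludes site-admin accounts, plus a single-target check that reuses the corrected rule. All user records and role flag names are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class User:
    user_id: int
    org_id: int
    site_admin: bool = False  # constructed role flags, not MISP's field names
    org_admin: bool = False

def recipients_vulnerable(actor: User, users: list[User]) -> list[User]:
    """Flawed recipient query: an org admin is scoped to its own
    organisation, but site admins inside that organisation are not excluded."""
    if actor.site_admin:
        return list(users)
    if actor.org_admin:
        return [u for u in users if u.org_id == actor.org_id]
    return []

def recipients_fixed(actor: User, users: list[User]) -> list[User]:
    """Corrected query: same organisation scope, minus every site-admin account."""
    if actor.site_admin:
        return list(users)
    if actor.org_admin:
        return [u for u in users
                if u.org_id == actor.org_id and not u.site_admin]
    return []

def may_manage(actor: User, target: User) -> bool:
    """Single-target check to apply on every account-management action
    (such as sending a password-reset mail): the target must not outrank the actor."""
    return target in recipients_fixed(actor, [target])

# Constructed sample directory: one organisation holding a site admin,
# an org admin and an analyst, plus one user in a second organisation.
SAMPLE_USERS = [
    User(1, org_id=1, site_admin=True),
    User(2, org_id=1, org_admin=True),
    User(3, org_id=1),
    User(4, org_id=2),
]

def leaked_site_admins(actor: User, users: list[User]) -> list[int]:
    """Ids of site-admin accounts the flawed query exposes to the actor
    but the corrected query does not."""
    vuln = {u.user_id for u in recipients_vulnerable(actor, users)}
    fixed = {u.user_id for u in recipients_fixed(actor, users)}
    return sorted(vuln - fixed)

if __name__ == "__main__":
    org_admin = SAMPLE_USERS[1]
    print("site admins exposed to the org admin:", leaked_site_admins(org_admin, SAMPLE_USERS))
```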
Defensive priority
High
Recommended defensive actions
- Review and update access controls to ensure proper authorization checks are in place.
- Monitor for any suspicious activity related to account management and administrative actions.
- Apply patches or updates provided by the MISP project to address this vulnerability.
Evidence notes
The CVE record and NVD detail pages provide additional information about this vulnerability.
Official resources
- CVE-2026-54358 CVE record (CVE.org)
- CVE-2026-54358 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: 5a6e4751-2f3f-4070-9419-94fb35b644e8
CVE-2026-54358 was published on 2026-06-12T20:16:47.720Z and has not been modified since then.