PatchSiren cyber security CVE debrief
CVE-2026-54361 misp CVE debrief
CVE-2026-54361 is a HIGH-severity vulnerability in MISP, a threat intelligence platform. The issue involves multiple mass assignment vulnerabilities in the handling of collections, tag collections, event delegations, and shadow attributes. These vulnerabilities could allow an authenticated attacker to craft requests containing protected fields, potentially altering object ownership, redirecting updates to another record, overwriting existing event delegation requests, or modifying shadow attribute proposals belonging to another organization.
- Vendor: misp
- Product: Unknown
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Users of MISP, especially those with administrative access, should be aware of this vulnerability and take immediate action to patch their systems.
Technical summary
The affected components include CollectionsController::edit(), EventDelegationsController::delegateEvent(), ShadowAttributesController::edit(), TagCollectionsController::edit(), and TagCollectionsController::editWithTags(). The issue was fixed by explicitly pinning ownership and identity fields to their stored values during edit operations and by removing user-supplied primary keys from create-only save paths.
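The fix pattern described above, sketched as an added example in plain PHP. This is not MISP's code: the field names (`id`, `org_id`, `user_id`), the helper functions and the sample data are assumptions made for illustration.

```php
<?php
// Added illustration, not MISP source. Field names are hypothetical.
declare(strict_types=1);

const PINNED_ON_EDIT = ['id', 'org_id', 'user_id']; // identity and ownership fields
const PRIMARY_KEY = 'id';

/**
 * Edit path: merge the request into the stored row, then overwrite every
 * protected field with its stored value, so the request body can neither
 * change the owner nor redirect the update to a different record.
 */
function buildEditRecord(array $stored, array $request): array
{
    $record = array_merge($stored, $request);
    foreach (PINNED_ON_EDIT as $field) {
        if (array_key_exists($field, $stored)) {
            $record[$field] = $stored[$field];
        } else {
            unset($record[$field]); // never accept a protected field the row lacks
        }
    }
    return $record;
}

/**
 * Create-only path: drop any client-supplied primary key so the save can
 * only insert. Taking ownership from the session is an extra assumption
 * of this sketch, not something the advisory text states.
 */
function buildCreateRecord(array $request, array $sessionUser): array
{
    unset($request[PRIMARY_KEY]);
    $request['org_id'] = $sessionUser['org_id'];
    $request['user_id'] = $sessionUser['id'];
    return $request;
}

// Constructed sample data: a stored row and a request carrying protected fields.
$stored  = ['id' => 7, 'org_id' => 2, 'user_id' => 11, 'name' => 'Phishing kit tags'];
$request = ['id' => 9, 'org_id' => 5, 'name' => 'Renamed collection'];

$edited = buildEditRecord($stored, $request);
assert($edited === ['id' => 7, 'org_id' => 2, 'user_id' => 11, 'name' => 'Renamed collection']);

$created = buildCreateRecord($request, ['id' => 11, 'org_id' => 2]);
assert(!array_key_exists('id', $created) && $created['org_id'] === 2);

var_export($edited);
```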
Defensive priority
High
Recommended defensive actions
- Apply the patch as soon as possible to prevent exploitation.
- Review and monitor MISP system logs for any suspicious activity.
- Ensure that all MISP users have the least privileges necessary to perform their tasks.
Evidence notes
The CVE-2026-54361 vulnerability has a CVSS score of 8.8 and is considered HIGH severity. The attack requirements include authentication and access to the affected MISP endpoints, with no user interaction required.
Official resources
- CVE-2026-54361 CVE record: CVE.org
- CVE-2026-54361 NVD detail: NVD
- Source item URL: nvd_modified
- Source reference: 5a6e4751-2f3f-4070-9419-94fb35b644e8
CVE-2026-54361 was published on 2026-06-12T20:16:48.110Z and has not been modified since then.