PatchSiren cyber security CVE debrief
CVE-2026-54362 misp CVE debrief
CVE-2026-54362 is a vulnerability in the MISP (Malware Information Sharing Platform) event template builder. The issue arises from an incorrect visibility condition, which allowed authenticated non-site-admin users to view galaxies that should not have been visible to their organisation. This was due to a PHP comparison expression being used instead of a query condition in the custom access-control condition intended to restrict galaxies. As a result, enabled galaxies, including organisation-only custom galaxies belonging to other organisations, could be exposed in the template builder galaxy list. This could disclose metadata about private galaxy definitions to unauthorised users.
- Vendor: misp
- Product: Unknown
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-12
- Original CVE updated: 2026-06-12
- Advisory published: 2026-06-12
- Advisory updated: 2026-06-12
Who should care
Organisations using MISP for threat intelligence sharing should be aware of this vulnerability, as it could lead to unintended exposure of sensitive information about their galaxy definitions.
Technical summary
The vulnerability has a CVSS score of 5.3 and is classified as MEDIUM severity. It involves an incorrect visibility condition in the MISP event template builder, allowing authenticated non-site-admin users to view galaxies they shouldn't have access to.
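The bug class named in the description, a PHP comparison expression written where a query condition was intended, reduced to a runnable sketch. This is an added illustration, not MISP's code: `findVisible()`, the column names and the sample rows are hypothetical and constructed for the example.

```php
<?php
// Constructed sample data: organisation-only custom galaxies (not real MISP rows).
$galaxies = [
    ['id' => 1, 'name' => 'org1-private',  'enabled' => true,  'org_id' => 1],
    ['id' => 2, 'name' => 'org2-private',  'enabled' => true,  'org_id' => 2],
    ['id' => 3, 'name' => 'org2-disabled', 'enabled' => false, 'org_id' => 2],
];

// Hypothetical stand-in for an ORM find(): string keys are "column => value"
// conditions joined with AND. An entry without a column name cannot constrain
// any column, so this toy skips it (an assumption of the sketch; how a real
// query builder treats such a value is outside its scope).
function findVisible(array $rows, array $conditions): array
{
    return array_values(array_filter($rows, function (array $row) use ($conditions) {
        foreach ($conditions as $column => $value) {
            if (is_string($column) && $row[$column] !== $value) {
                return false;
            }
        }
        return true;
    }));
}

$userOrgId = 1; // the requesting user's organisation

// Flawed: '==' is evaluated by PHP while the array is being built, so the
// element is a bare boolean under key 0. The column name 'org_id' is gone
// and the organisation restriction never reaches the query.
$flawed = ['enabled' => true, 'org_id' == $userOrgId];

// Corrected: '=>' makes org_id a real query condition.
$fixed = ['enabled' => true, 'org_id' => $userOrgId];

echo "flawed conditions: ";
var_dump($flawed);
echo "flawed result: ", implode(', ', array_column(findVisible($galaxies, $flawed), 'name')), "\n";
echo "fixed result:  ", implode(', ', array_column(findVisible($galaxies, $fixed), 'name')), "\n";
```

When reviewing custom access-control conditions, dumping the conditions array as done here makes a missing column key visible before the query runs.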
Defensive priority
MEDIUM
Recommended defensive actions
- Organisations using MISP should review their galaxy configurations and access controls.
- Users with access to the MISP event template builder should be cautious when viewing galaxy lists.
- Organisations should consider updating their MISP installation to a version that includes a fix for this vulnerability, if available.
Evidence notes
The CVE record and NVD detail pages provide official information about this vulnerability.
Official resources
- CVE-2026-54362 CVE record (CVE.org)
- CVE-2026-54362 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: 5a6e4751-2f3f-4070-9419-94fb35b644e8
CVE-2026-54362 was published on 2026-06-12T21:16:24.843Z and has not been modified since then.