CVE-2026-54357— MISP improper authorization allows organization administrators to modify site administrator user settings
Possible ATT&CK Techniques 1AI
T1078.003 · Local AccountsGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-54357
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MISP improper authorization allows organization administrators to modify site administrator user settings
Source: NVD (National Vulnerability Database)
Vulnerability Description
An improper authorization vulnerability in MISP allowed an authenticated organization administrator to access or modify user settings belonging to site administrator accounts within the same organization. The affected access-control checks scoped administrative actions by organization membership but did not exclude higher-privileged site administrator users. As a result, an organization administrator could potentially view or alter site administrator user settings and related login profile information, crossing the intended privilege boundary between organization administration and site-wide administration. The patch hardens the ACL logic by excluding site administrator accounts from organization administrator–managed user sets, adding explicit authorization failure when a target user is not administrable, and ensuring user setting and login profile operations fail closed.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
MISP 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MISP是MISP组织开源的一套开源的软件解决方案。 该产品用于收集、存储、分发、共享网络安全指标,并具有威胁网络安全事件分析和恶意软件分析等功能。 MISP 2.5.40之前版本存在授权问题漏洞,该漏洞源于授权不当,可能导致已认证的组织管理员访问或修改属于同一组织内站点管理员账户的用户设置。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-54357
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-54357
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-54357 (1)
Same Patch Batch · misp · 2026-06-12 · 12 CVEs total
| CVE-2026-54358 | MISP organization administrators can target site administrator accounts for password reset | |
| CVE-2026-54362 | MISP template builder exposes non-visible custom galaxies across organisations | |
| CVE-2026-54359 | MISP automation endpoints may be exposed to CSRF when Sec-Fetch-Site protection is disable | |
| CVE-2026-54398 | MISP object edit authorization bypass allows unauthorized sharing group assignment | |
| CVE-2026-54396 | MISP AuthKey edit endpoint allows authenticated user email enumeration | |
| CVE-2026-54394 | MISP organisation logo path traversal allows retrieval of arbitrary PNG/SVG files | |
| CVE-2026-54393 | MISP Overmind theme stored XSS via unvalidated homepage setting | |
| CVE-2026-54395 | MISP UiBeta event index reflected XSS in advanced filter popup | |
| CVE-2026-54397 | MISP event editing allows unauthorized assignment to undisclosed sharing groups | |
| CVE-2026-54360 | MISP sharing group creation mass assignment allows unauthorized takeover of existing shari | |
| CVE-2026-54361 | MISP mass assignment vulnerabilities allow unauthorized modification of ownership and dele |
IV. Related Vulnerabilities
Same product: misp
- CVE-2026-54398
MISP object edit authorization bypass allows unauthorized sh - CVE-2026-54397
MISP event editing allows unauthorized assignment to undiscl - CVE-2026-54396
MISP AuthKey edit endpoint allows authenticated user email e - CVE-2026-54395
MISP UiBeta event index reflected XSS in advanced filter pop - CVE-2026-54394
MISP organisation logo path traversal allows retrieval of ar
Same vendor: misp
- CVE-2026-54398
MISP object edit authorization bypass allows unauthorized sh - CVE-2026-54397
MISP event editing allows unauthorized assignment to undiscl - CVE-2026-54396
MISP AuthKey edit endpoint allows authenticated user email e - CVE-2026-54395
MISP UiBeta event index reflected XSS in advanced filter pop - CVE-2026-54394
MISP organisation logo path traversal allows retrieval of ar
Same weakness: CWE-863
- CVE-2026-10741
Nexus Repository Manager - Incorrect Authorization allows cr - CVE-2026-54803
WordPress SMS Alert Order Notifications plugin <= 3.9.4 - Pr - CVE-2026-32967
Apache DolphinScheduler: The `/v2` experimental interface la - CVE-2026-42357
Apache DolphinScheduler: Incorrect Authorization vulnerabili - CVE-2026-41280
Apache DolphinScheduler: Incorrect Authorization vulnerabili
V. Comments for CVE-2026-54357
No comments yet