CVE ID :CVE-2026-56422 Published : June 22, 2026, 11:43 a.m. | 1 hour, 27 minutes ago Description :Multiple MISP core controllers and model capture paths accepted client-controlled request fields such as primary keys (id) and ownership/scope foreign keys (event_id, org_id, user_id,...

#Sicherheitslücke #APT

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-56422 - MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields

VERWANDTEARTIKEL

CVE-2026-10561 - Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection

CVE-2026-56448 - Authenticated Path Traversal in AIL Framework Investigation Downloads Allows Arbitrary File Read

CVE-2026-7166 - Multiple vulnerabilities in the Assassin game by Gaudire

CVE-2026-54100 - Windows-machine-config-operator: windows-machine-config-operator: ssh host key not verified enables credential theft

CVE-2026-54099 - Windows-machine-config-operator: windows-machine-config-operator: wicd csr extra-organization allows privilege escalation to system:masters

CVE-2026-56447 - MISP remote code execution via arbitrary rdkafka configuration path