Misp Security Vulnerabilities (CVEs)
Track 15 security vulnerabilities affecting Misp products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows cross-site scripting (XSS) attacks in MISP's workflow execution path. Attackers can inject malicious scripts that execute in...
Dec 15, 2025This vulnerability allows attackers with admin privileges in MISP to inject malicious scripts via menu_custom_right_link parameters through the web in...
Mar 28, 2025This vulnerability in MISP (Malware Information Sharing Platform) allows cross-site scripting (XSS) attacks through REST endpoints that return non-JSO...
Mar 28, 2025This vulnerability in MISP (Malware Information Sharing Platform) allows attackers to upload malicious files through the logo upload functionality. It...
Mar 21, 2024This vulnerability in MISP allows attackers to upload malicious files disguised as organization logos due to insufficient file extension and MIME type...
Feb 9, 2024CVE-2023-50918 is an access control vulnerability in MISP's audit logs controller that allows unauthorized users to view audit logs. This affects all ...
Dec 15, 2023This vulnerability in MISP (Malware Information Sharing Platform) allows SQL injection through mishandled URL parameters in the IndexFilterComponent. ...
Feb 20, 2023CVE-2022-29528 is a PHAR deserialization vulnerability in MISP (Malware Information Sharing Platform) that allows attackers to execute arbitrary code ...
Apr 20, 2022This vulnerability allows attackers to bypass password confirmation requirements in MISP by sending requests with an 'Accept: application/json' header...
Apr 20, 2022This vulnerability in MISP allows attackers to perform Local File Inclusion (LFI) through the custom terms file setting. It enables reading arbitrary ...
Mar 18, 2022CVE-2022-27245 is a Server-Side Request Forgery (SSRF) vulnerability in MISP (Malware Information Sharing Platform) that allows attackers to make unau...
Mar 18, 2022This vulnerability allows SQL injection in MISP (Malware Information Sharing Platform) through the Log.php component. Attackers can execute arbitrary ...
Aug 19, 2021CVE-2021-35502 is a critical vulnerability in MISP (Malware Information Sharing Platform) that allows cross-site scripting (XSS) attacks due to improp...
Jun 25, 2021This vulnerability in MISP allows information disclosure when editing events with sharing groups. An incorrect sharing group association causes the sy...
Apr 23, 2021CVE-2021-25323 is an authentication bypass vulnerability in MISP (Malware Information Sharing Platform) where users could change their passwords witho...
Jan 19, 2021Why Monitor Misp Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 15+ known vulnerabilities affecting Misp products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Misp packages in under 60 seconds. No agents required - completely agentless scanning that works across Misp deployments.
Free vulnerability database: Access detailed information about every Misp CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Misp CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
