Cette page n'a pas encore été traduite dans votre langue. Affichage du contenu en anglais pendant que nous y travaillons.

💡 Keep dependencies up to date — most exploits target known, patchable vulnerabilities.

CRITICALCVE-2026-44364CVSS 9.5

CVE-2026-44364: CSRF in MISP Modules Website

Q: What is CVE-2026-44364 — CSRF in misp-modules?

It's a Cross-Site Request Forgery (CSRF) vulnerability in MISP Modules versions up to 3.0.7, allowing attackers to forge requests as authenticated users.

Q: Am I affected by CVE-2026-44364 in misp-modules?

If you are using MISP Modules version 3.0.7 or earlier, you are potentially affected and should prioritize patching.

Q: How do I fix CVE-2026-44364 in misp-modules?

Upgrade to a patched version of MISP Modules where the CSRF protection has been enabled. If upgrading isn't possible, implement temporary workarounds like restricting access to the 'home' endpoint.

Q: Is CVE-2026-44364 being actively exploited?

While no public POCs are currently available, the high CVSS score suggests exploitation is possible and warrants monitoring.

Q: Where can I find the official misp-modules advisory for CVE-2026-44364?

Refer to the MISP Modules security advisories and the NVD entry for CVE-2026-44364 for detailed information.

Plateforme

php

Composant

misp-modules

Corrigé dans

3.0.8

Voir sur NVD

Sauvegarder

Traduction vers votre langue…

CVE-2026-44364 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in the MISP Modules website. An attacker could leverage this flaw to trick authenticated users into unknowingly submitting malicious requests, leading to unauthorized modifications. This vulnerability affects versions of MISP Modules up to and including 3.0.7, and has been resolved by implementing CSRF protection for the affected blueprint.

Impact et Scénarios d'Attaquetraduction en cours…

The primary impact of CVE-2026-44364 lies in the potential for unauthorized modification of session query data. An attacker could craft a malicious request, disguised as a legitimate action from an authenticated user, to alter this data. This could lead to a variety of consequences, depending on the nature of the session query data and how it's used by the MISP Modules system. For example, an attacker might be able to manipulate search queries, alter reporting parameters, or even modify user configurations. The ability to modify session data elevates the risk of data breaches and system compromise, particularly if the affected user possesses elevated privileges within the MISP environment. While the vulnerability targets the 'home' endpoint, the potential for cascading effects through related modules and integrations should be considered.

Contexte d'Exploitationtraduction en cours…

CVE-2026-44364 was reported by Bilal Teke on 2026-05-06. The vulnerability's CVSS score of 9.5 (CRITICAL) indicates a high level of severity. Public proof-of-concept (POC) code is currently unavailable, but the relatively high CVSS score suggests that exploitation is likely possible. The vulnerability is not currently listed on KEV or EPSS, but given its critical severity and the potential for session manipulation, it warrants close monitoring. Refer to the MISP Modules security advisories for further details and updates.

Logiciel Affecté

Composantmisp-modules

FournisseurMISP

Version minimale3.0.0

Version maximale<= 3.0.7

Corrigé dans3.0.8

Classification de Faiblesse (CWE)

CWE-352

Chronologie

Réservé2026-05-05
Publiée2026-05-13

Mitigation et Contournementstraduction en cours…

The recommended mitigation for CVE-2026-44364 is to immediately upgrade MISP Modules to a patched version where the vulnerability has been addressed. The fix involves enabling CSRF protection for the blueprint that was previously exempted. If upgrading is not immediately feasible, consider implementing temporary workarounds such as restricting access to the 'home' endpoint or implementing stricter input validation on session query parameters. While not a complete solution, these measures can reduce the attack surface. Monitor web application firewalls (WAFs) for suspicious requests targeting the 'home' endpoint. After upgrading, confirm the fix by attempting to submit a crafted CSRF request and verifying that it is blocked by the implemented CSRF protection.

Comment corrigertraduction en cours…

Actualice el módulo misp-modules a la versión 3.0.8 o superior para habilitar la protección CSRF en el blueprint del inicio y endurecer el análisis de consultas, mitigando así el riesgo de Cross-Site Request Forgery.

Questions fréquentestraduction en cours…

What is CVE-2026-44364 — CSRF in misp-modules?

It's a Cross-Site Request Forgery (CSRF) vulnerability in MISP Modules versions up to 3.0.7, allowing attackers to forge requests as authenticated users.

Am I affected by CVE-2026-44364 in misp-modules?

If you are using MISP Modules version 3.0.7 or earlier, you are potentially affected and should prioritize patching.

How do I fix CVE-2026-44364 in misp-modules?

Upgrade to a patched version of MISP Modules where the CSRF protection has been enabled. If upgrading isn't possible, implement temporary workarounds like restricting access to the 'home' endpoint.

Is CVE-2026-44364 being actively exploited?

While no public POCs are currently available, the high CVSS score suggests exploitation is possible and warrants monitoring.

Where can I find the official misp-modules advisory for CVE-2026-44364?

Refer to the MISP Modules security advisories and the NVD entry for CVE-2026-44364 for detailed information.

Ton projet est-il affecté ?

Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.

Scanner gratuitement Rechercher des CVE

en directfree scan

Essayez maintenant — sans compte

scanZone.subtitle

Scan manuelSlack/email alertsContinuous monitoringWhite-label reports

Glissez-déposez votre fichier de dépendances

composer.lock, package-lock.json, requirements.txt, Gemfile.lock, pubspec.lock, Dockerfile...

Parcourir les fichiers