CVE-2026-10611— OTP bypass via plugin-based LDAP authentication in MISP when LDAP mixed authentication is enabled
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-10611
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OTP bypass via plugin-based LDAP authentication in MISP when LDAP mixed authentication is enabled
Source: NVD (National Vulnerability Database)
Vulnerability Description
An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments configured with LdapAuth.mixedAuth=true and Security.require_otp=true, users authenticated through an authentication plugin, such as LDAP, may have their authenticated session established during the application beforeFilter phase before the normal login flow enforces the OTP challenge. As a result, an attacker with valid primary authentication credentials could bypass the required OTP step by authenticating through the plugin-backed login flow and then directly accessing another application URL instead of completing the OTP verification page. This allows access to the application as the affected user without providing a valid TOTP, HOTP, or email OTP code. The issue affects configurations where plugin-based authentication is enabled and OTP is expected to be mandatory. The fix ensures that OTP requirements are checked immediately after plugin authentication and before the user session is established, redirecting users to the appropriate OTP challenge when required.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-10611
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-10611
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-10611 (1)
IV. Related Vulnerabilities
Same product: misp
- CVE-2026-9137
CSP Report Endpoint Log Flooding in MISP via Incorrect Size - CVE-2026-9136
Unauthorized ShadowAttribute modification in MISP via client - CVE-2026-9084
MISP OIDC authentication bypass via automatic email-based ac - CVE-2026-44379
MISP: Improper UUID validation in MISP Collections - CVE-2026-44380
MISP: Improper access control in auth key reset allows priv
Same vendor: misp
- CVE-2026-9806
Stored Cross-Site Scripting (XSS) in CTI Transmute Notificat - CVE-2026-9137
CSP Report Endpoint Log Flooding in MISP via Incorrect Size - CVE-2026-9136
Unauthorized ShadowAttribute modification in MISP via client - CVE-2026-9084
MISP OIDC authentication bypass via automatic email-based ac - CVE-2026-44379
MISP: Improper UUID validation in MISP Collections
Same weakness: CWE-287
- CVE-2026-45289
CloudburstMC Protocol: Partially missing validation for FULL - CVE-2026-49448
authentik: SourceStage bypass via empty POST - CVE-2026-49443
authentik: `UserSourceConnection.user` and `GroupSourceConne - CVE-2026-10619
sayan365 student-management-system improper authentication - CVE-2026-5076
ARMember Premium <= 7.3.1 - Insecure Password Reset Mechanis
V. Comments for CVE-2026-10611
No comments yet