CVE-2026-44363— Unsafe remote resource fetching in expansion misp-modules
Affected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| MISP | misp-modules | < 3.0.7 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44363
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unsafe remote resource fetching in expansion misp-modules
Source: NVD (National Vulnerability Database)
Vulnerability Description
MISP modules are autonomous modules that can be used to extend MISP for new services. Prior to 3.0.7, an unsafe remote resource fetching vulnerability existed in MISP Modules expansion modules. The html_to_markdown module accepted arbitrary HTTP(S) URLs without sufficient validation, which could allow Server-Side Request Forgery against loopback, private, or link-local network resources. Additionally, the qrcode module disabled TLS certificate verification when retrieving remote images, exposing requests to potential man-in-the-middle interception or response tampering. The issue was fixed by validating URL schemes, blocking local and private address ranges, resolving hostnames before fetching, enforcing request timeouts, and re-enabling TLS certificate verification. This vulnerability is fixed in 3.0.7.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
MISP modules 信任管理问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MISP modules是MISP Project开源的一个可扩展的威胁情报平台模块,支持导入、导出、扩展及自动化工作流。 MISP modules 3.0.7之前版本存在信任管理问题漏洞,该漏洞源于html_to_markdown模块接受任意HTTP(S) URL且验证不足,可能导致服务器端请求伪造;同时qrcode模块禁用TLS证书验证,可能导致中间人攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| MISP | misp-modules | < 3.0.7 | - |
II. Public POCs for CVE-2026-44363
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-44363
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-44363 (1)
Vendor Advisories for CVE-2026-44363 (1)
Same Patch Batch · MISP · 2026-05-13 · 5 CVEs total
| CVE-2026-44379 | MISP: Improper UUID validation in MISP Collections | |
| CVE-2026-44381 | MISP: SQL injection via unvalidated ordering parameters in event and shadow attribute list | |
| CVE-2026-44364 | misp-modules website - Missing CSRF protection in the website home blueprint | |
| CVE-2026-44380 | MISP: Improper access control in auth key reset allows privilege escalation to site admin |
IV. Related Vulnerabilities
Same vendor: MISP
- CVE-2026-9137
CSP Report Endpoint Log Flooding via Incorrect Size Limit - CVE-2026-9136
Unauthorized ShadowAttribute modification in MISP via client - CVE-2026-9084
MISP OIDC authentication bypass via automatic email-based ac - CVE-2026-44379
MISP: Improper UUID validation in MISP Collections - CVE-2026-44380
MISP: Improper access control in auth key reset allows priv
Same weakness: CWE-295
- CVE-2026-8992
Ivanti Secure Access Client证书验证漏洞致远程代码执行 - CVE-2025-32745
Dell PowerFlex Manager<=4.6.2证书验证缺陷 - CVE-2026-48249
Open ISES Tickets < 3.44.2 Disabled TLS Certificate Verifica - CVE-2026-48248
Open ISES Tickets < 3.44.2 Disabled TLS Certificate Verifica - CVE-2026-48247
Open ISES Tickets < 3.44.2 Disabled TLS Certificate Verifica
V. Comments for CVE-2026-44363
No comments yet