CVE-2026-44380— MISP: Improper access control in auth key reset allows privilege escalation to site administrator

AI Predicted 8.1 Difficulty: Easy EPSS 0.07% · P20 Updated May 15, 2026

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

Vendor	Product	Version Range	Status
MISP	MISP	`< 2.5.37`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-44380

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

MISP: Improper access control in auth key reset allows privilege escalation to site administrator

Source: NVD (National Vulnerability Database)

Vulnerability Description

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, an improper access control vulnerability in the authentication key reset functionality allowed an authenticated organization administrator to reset authentication keys belonging to site administrator accounts within the same organization. Because non-site administrators were not explicitly prevented from accessing or resetting site administrator auth keys, an attacker with organization administrator privileges could potentially obtain a newly generated auth key for a higher-privileged account and use it to escalate privileges. This vulnerability is fixed in 2.5.37.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制不正确

Source: NVD (National Vulnerability Database)

Vulnerability Title

MISP 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

MISP是MISP开源的一套开源的软件解决方案。该产品用于收集、存储、分发、共享网络安全指标，并具有威胁网络安全事件分析和恶意软件分析等功能。 MISP 2.5.37之前版本存在安全漏洞，该漏洞源于身份验证密钥重置功能中的访问控制不当，允许组织管理员重置同一组织中站点管理员账户的身份验证密钥。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
MISP	MISP	< 2.5.37	-

II. Public POCs for CVE-2026-44380

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-44380

请登录查看更多情报信息。

Same Patch Batch · MISP · 2026-05-13 · 5 CVEs total

CVE-2026-44363		Unsafe remote resource fetching in expansion misp-modules
CVE-2026-44379		MISP: Improper UUID validation in MISP Collections
CVE-2026-44381		MISP: SQL injection via unvalidated ordering parameters in event and shadow attribute list
CVE-2026-44364		misp-modules website - Missing CSRF protection in the website home blueprint

IV. Related Vulnerabilities

Same product: MISP

Same vendor: MISP

Same weakness: CWE-863

V. Comments for CVE-2026-44380

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-44380— MISP: Improper access control in auth key reset allows privilege escalation to site administrator

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2026-44380

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-44380

III. Intelligence Information for CVE-2026-44380

Same Patch Batch · MISP · 2026-05-13 · 5 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-44380

Leave a comment