CVE Catalog

CVE-2026-56446

HighCVSS 7.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.31%

22th percentile - higher than 22% of all known CVEs

Summary

MISP allows a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Due to the ability to inject PHP code by an attacker with administrator privileges, remote code execution may occur.

Risk Assessment

An attacker with administrator privileges could direct logs to a PHP file in a web-accessible directory, leading to serious risks of remote code execution with the privileges of the web server process.

Recommendation

It is recommended to update MISP to the latest version to apply fixes that restrict log destinations and to implement additional security measures in server configuration.

Original NVD description (English source)

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a web-accessible directory and inject PHP code through logged data. Accessing the resulting file could lead to remote code execution with the privileges of the web server process. The fix restricts log destinations to existing directories beneath APP/tmp/logs or /var/log, requires absolute paths, rejects stream wrappers and traversal-related input, and limits filenames to .log or .ndjson extensions while disallowing executable extension segments.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS