CVE-2025-66384

Published November 28th, 2025

View on NVD ↗

CVSS v3

8.2

HIGH

CVSS v2

N/A

Affected

1

PROJECT

Description

app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmp_name.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

GitHub

6.38K