CVE-2025-66386

Published November 28th, 2025

View on NVD ↗

CVSS v3

4.1

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

GitHub

6.38K