Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-10863

Summary
Assigner-CIRCL
Assigner Org ID-5a6e4751-2f3f-4070-9419-94fb35b644e8
Published At-04 Jun, 2026 | 13:44
Updated At-04 Jun, 2026 | 15:47
Rejected At-
Credits

MISP User-controlled order parameter in correlations over-correlation endpoint

A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user to override the server-defined ordering of over-correlating values. Depending on how the value was processed by the underlying data access layer, this could allow manipulation of database query ordering and potentially expose the application to unsafe query construction. The patch removes order from the set of request-controlled parameters and instead sets the ordering server-side to occurrence desc after processing allowed user parameters. Affected component: app/Controller/CorrelationsController.php, overCorrelations() Security impact: An authenticated attacker could influence the ordering clause used by the over-correlations query. The direct impact appears limited to query manipulation unless further evidence confirms SQL injection or unauthorized data exposure through the manipulated ordering expression.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:CIRCL
Assigner Org ID:5a6e4751-2f3f-4070-9419-94fb35b644e8
Published At:04 Jun, 2026 | 13:44
Updated At:04 Jun, 2026 | 15:47
Rejected At:
▼CVE Numbering Authority (CNA)
MISP User-controlled order parameter in correlations over-correlation endpoint

A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user to override the server-defined ordering of over-correlating values. Depending on how the value was processed by the underlying data access layer, this could allow manipulation of database query ordering and potentially expose the application to unsafe query construction. The patch removes order from the set of request-controlled parameters and instead sets the ordering server-side to occurrence desc after processing allowed user parameters. Affected component: app/Controller/CorrelationsController.php, overCorrelations() Security impact: An authenticated attacker could influence the ordering clause used by the over-correlations query. The direct impact appears limited to query manipulation unless further evidence confirms SQL injection or unauthorized data exposure through the manipulated ordering expression.

Affected Products
Vendor
misp
Product
misp
Default Status
unaffected
Versions
Affected
  • From 0 through 2.5.38 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
4.06.4MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H
Version: 4.0
Base score: 6.4
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-108CAPEC-108 Command Line Execution through SQL Injection
CAPEC ID: CAPEC-108
Description: CAPEC-108 Command Line Execution through SQL Injection
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Jeroen Pinoy
remediation developer
Andras Iklody
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/MISP/MISP/commit/aa094a335ba2855f8a42a1dc44398f43560fe247
patch
Hyperlink: https://github.com/MISP/MISP/commit/aa094a335ba2855f8a42a1dc44398f43560fe247
Resource:
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:5a6e4751-2f3f-4070-9419-94fb35b644e8
Published At:04 Jun, 2026 | 15:16
Updated At:04 Jun, 2026 | 15:19

A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user to override the server-defined ordering of over-correlating values. Depending on how the value was processed by the underlying data access layer, this could allow manipulation of database query ordering and potentially expose the application to unsafe query construction. The patch removes order from the set of request-controlled parameters and instead sets the ordering server-side to occurrence desc after processing allowed user parameters. Affected component: app/Controller/CorrelationsController.php, overCorrelations() Security impact: An authenticated attacker could influence the ordering clause used by the over-correlations query. The direct impact appears limited to query manipulation unless further evidence confirms SQL injection or unauthorized data exposure through the manipulated ordering expression.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.06.4MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 6.4
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-20Secondary5a6e4751-2f3f-4070-9419-94fb35b644e8
CWE ID: CWE-20
Type: Secondary
Source: 5a6e4751-2f3f-4070-9419-94fb35b644e8
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/MISP/MISP/commit/aa094a335ba2855f8a42a1dc44398f43560fe2475a6e4751-2f3f-4070-9419-94fb35b644e8
N/A
Hyperlink: https://github.com/MISP/MISP/commit/aa094a335ba2855f8a42a1dc44398f43560fe247
Source: 5a6e4751-2f3f-4070-9419-94fb35b644e8
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1Records found
CVE-2026-44379
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 15.05%
||
7 Day CHG~0.00%
Published-13 May, 2026 | 20:53
Updated-15 May, 2026 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MISP: Improper UUID validation in MISP Collections

MISP is an open source threat intelligence and sharing platform. Prior to 2.5.37, MISP Collections did not enforce RFC 4122 UUID validation on the uuid field. As a result, a user able to create or modify Collection records could submit malformed UUID values, potentially causing integrity issues or unexpected behaviour in code paths that assume Collection UUIDs are valid identifiers. This vulnerability is fixed in 2.5.37.

Action-Not Available
Vendor-mispMISP
Product-mispMISP
CWE ID-CWE-20
Improper Input Validation
Details not found