CVE-2025-66386 | MISP up to 2.5.26 View Picture EventReport.php path traversal

A vulnerability marked as problematic has been reported in MISP up to 2.5.26. This vulnerability affects unknown code of the file app/Model/EventReport.php of the component View Picture Handler. The manipulation leads to relative path traversal.

This vulnerability is listed as CVE-2025-66386. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More