Primary

Context

OpenCTI GraphQL Mutation Improperly Allows Deletion of Sensitive Entities

Vulnerability

A vulnerability exists in OpenCTI versions prior to 6.9.1, where the GraphQL mutation 'IndividualDeletionDeleteMutation' can be misused to delete unrelated and sensitive objects, such as analysis reports. This issue arises from a lack of validation in the API, allowing for the deletion of entities that are not contextually related to the mutation. The vulnerability is categorized as having a moderate severity, with a CVSS score of 6.5.

Impact

Exploitation of this vulnerability allows for the unauthorized deletion of sensitive entities, including analysis reports, incident response cases, and threat actor records.

Remediation

Users can upgrade to OpenCTI version 6.9.1 or later to address this vulnerability.

Added: Mar 17, 2026, 4:28 PM

Updated: Mar 17, 2026, 4:28 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenCTI GraphQL Mutation Improperly Allows Deletion of Sensitive Entities

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating