MISP Improper UUID Validation Vulnerability in Collections

Vulnerability

A vulnerability exists in MISP Collections in versions prior to 2.5.37: the uuid field is inadequately validated and is not checked for compliance with RFC 4122. This flaw allows users to create or modify Collection records with malformed UUIDs, which could lead to data integrity problems or unpredictable behavior in areas of the code that rely on Collection UUIDs being valid. The issue has been addressed by implementing model-level validation for the uuid field, ensuring that only properly formatted UUIDs are accepted.

Impact

The lack of proper UUID validation could cause data integrity issues and disrupt functionality in code sections that depend on valid Collection UUIDs.

Remediation

Users can upgrade to MISP version 2.5.37 or later to address this vulnerability.
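
The following is an added example, not MISP's own code: a strict RFC 4122 format check of the kind the fix describes, applied to Collection records to flag malformed UUIDs saved before the upgrade. The record layout, sample values and function names are constructed for illustration, and rejecting the nil UUID and versions other than 1-5 is an assumption of this sketch.

```python
import re
import uuid

# Canonical text form only: 8-4-4-4-12 hex digits. fullmatch() is used so a
# trailing newline or any surrounding characters cause a rejection.
_SHAPE = re.compile(
    r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", re.I)

def uuid_problem(value):
    """Return None if value is a canonical RFC 4122 UUID, else the reason."""
    if not isinstance(value, str):
        return "not a string"
    if _SHAPE.fullmatch(value) is None:
        return "not canonical 8-4-4-4-12 hex"
    if value[14] not in "12345":            # first nibble of the third group
        return "version nibble not 1-5"
    if value[19].lower() not in "89ab":     # first nibble of the fourth group
        return "variant nibble not RFC 4122"
    return None

def lenient_accepts(value):
    """uuid.UUID() also takes braces, urn:uuid: prefixes and hyphen-less hex,
    and does not check version or variant, so it is not a strict validator."""
    try:
        uuid.UUID(value)
        return True
    except (ValueError, TypeError, AttributeError):
        return False

def audit_collections(records):
    """Return (id, uuid, reason) for every record whose uuid is rejected."""
    findings = []
    for rec in records:
        reason = uuid_problem(rec.get("uuid"))
        if reason:
            findings.append((rec.get("id"), rec.get("uuid"), reason))
    return findings

# Constructed sample records (hypothetical shape, not an export from MISP).
SAMPLE_COLLECTIONS = [
    {"id": 1, "uuid": "5f3c2b1a-9d4e-4c7b-8a21-0123456789ab"},    # valid v4
    {"id": 2, "uuid": "5f3c2b1a9d4e4c7b8a210123456789ab"},        # no hyphens
    {"id": 3, "uuid": "5f3c2b1a-9d4e-4c7b-8a21-0123456789ab\n"},  # newline
    {"id": 4, "uuid": "5f3c2b1a-9d4e-4c7b-7a21-0123456789ab"},    # bad variant
    {"id": 5, "uuid": "5f3c2b1a-9d4e-0c7b-8a21-0123456789ab"},    # bad version
    {"id": 6, "uuid": "not-a-uuid"},
    {"id": 7, "uuid": None},
]

if __name__ == "__main__":
    for finding in audit_collections(SAMPLE_COLLECTIONS):
        print(finding)
```
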

Added: May 13, 2026, 9:26 PM
Updated: May 13, 2026, 9:26 PM

Vulnerability Rating

Custom Algorithm
spread: 3.1
impact: 0.6
exploitability: 5.9
remediation: 7.7
relevance: 8.2
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.