Misp · Misp · CVE-2026-54357
**Name of the Vulnerable Software and Affected Versions**
MISP (affected versions not specified)
**Description**
An improper authorization issue allows an authenticated organization administrator to access or modify user settings of site administrator accounts within the same organization. This occurs because access-control checks scoped administrative actions by organization membership but failed to exclude higher-privileged site administrator users, allowing a breach of the privilege boundary between organization and site-wide administration. This could lead to the unauthorized viewing or alteration of site administrator user settings and login profile information.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.