CVE-2025-66384

CVSS v3.1

8.2

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L

Name of the Vulnerable Software and Affected Versions MISP versions prior to 2.5.24

Description The software contains flawed logic when validating uploaded files, specifically concerning the

tmp name

parameter. This issue resides in the

app/Controller/EventsController.php

file.

Recommendations Update to version 2.5.24 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

CVE-2025-66384

Misp