PT-2026-43350 · Opencti · Opencti

Wachizungu · Published 2026-05-26 · Updated 2026-05-28 · CVE-2026-44730

CVSS v3.1: 7.2 (High)

Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

OpenCTI versions prior to 6.9.7

Description

An organization administrator can escalate their privileges by adding a user from a different organization who possesses higher privileges into their own organization. This occurs due to an incorrect Access Control List (ACL), which is a set of rules that defines permissions for users or systems, on the userEdit relationAdd function.

Recommendations

Update to version 6.9.7.

Fix

Improper Access Control


Weakness Enumeration

Related Identifiers

CVE-2026-44730
GHSA-Q537-QHJ4-WCJX
PYSEC-2026-167

Affected Products

Opencti