CVE-2026-54394 | MISP up to 2.5.39 /files/img/orgs realpath path traversal
A vulnerability was found in MISP up to 2.5.39. It has been classified as critical. This issue affects the function realpath of the file /files/img/orgs. The manipulation leads to path traversal.
This vulnerability is documented as CVE-2026-54394. The attack can be initiated remotely. There is not any exploit available.
Upgrading the affected component is recommended.