SSRF in Misp Misp-modules

CVE-2026-44363

MISP modules are autonomous modules that can be used to extend MISP for new services. Prior to 3.0.7, an unsafe remote resource fetching vulnerability existed in MISP Modules expansion modules. The html_to_markdown module accepted arbitrar…

Vulnerability class: Improper Certificate Validation

EPSS: 0.000 (0.6th percentile) — read the EPSS interpretation.

Affected products

Misp Misp-modules — versions < 3.0.7

Weakness classification (CWE)

References

security-advisories@github.com (x_refsource_CONFIRM)
security-advisories@github.com (x_refsource_MISC)