XSS in Misp Cti-transmute

CVE-2026-9806

A stored cross-site scripting (XSS) vulnerability exists in the notification panel of CTI Transmute in versions prior to the patched release. Notification messages containing user-controlled convert names were rendered in the notification…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.001 (19.5th percentile) — read the EPSS interpretation.