CVE-2026-44730
EUVD-2026-3190826.05.2026, 18:16
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.7, an organization admin can escalate their privileges by adding a user from a different organization with higher privileges, to their own organization. This is due to incorrect ACL on userEdit relationAdd. This vulnerability is fixed in 6.9.7.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| citeum | opencti | 𝑥 < 6.9.7 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration