A vulnerability, which was classified as critical , has been found in MISP up to 2.5.37 . Impacted is an unknown function of the component OIDC Authentication Plugin . This manipulation causes improper authentication. This vulnerability is tracked as CVE-2026-9084 . The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.