A vulnerability was found in MISP up to 2.5.38 . It has been declared as critical . Affected by this vulnerability is an unknown functionality of the component CRUD . The manipulation of the argument validationError results in incorrect authorization. This vulnerability is identified as CVE-2026-10860 . The attack can be executed remotely. There is not any exploit available.