A vulnerability was found in MISP up to 2.5.38 . It has been classified as problematic . Affected is an unknown function of the component Dashboard Widget . The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2026-10864 . Remote exploitation of the attack is possible. No exploit is available. It is suggested to install a patch to address this issue.