CVE Details
Basic Information
| Title | CVE-2025-26621 |
| Type | cve |
| Published | 2025-05-19T16:15:28 |
| Last Seen | 2025-05-19T16:18:33 |
CVSS Information
| Base Score | 7.6 (HIGH) |
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | HIGH |
| User Interaction | NONE |
| Scope | CHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | LOW |
| Availability Impact | HIGH |
AI Analysis
| AI Description | A vulnerability in OpenCTI allows users with customization access to edit webhooks and execute arbitrary JavaScript code, potentially leading to code injection attacks. |
| AI Severity | High |
| Vendor | Open Threat Exchange (OTX) Community |
| Product | OpenCTI |
| Affected Version | versions prior to 6.5.2 |
Additional Information
| CVE List | CVE-2025-26621 |
| CWE List | CWE-94 |
| Bulletin Family | cve |
Description
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.5.2, any user with the capability to manage customizations can edit a webhook that will execute JavaScript code. This can be abused…
CVSS Score Summary
Base Score: 7.6 (HIGH)