A vulnerability classified as critical was found in CIRCL MISP up to 2.5.42. Affected by this issue is the function EventsController::importModule of the component Import Module Result Handling. Executing a manipulation can lead to authorization bypass.

The identification of this vulnerability is CVE-2026-60124. The attack may be launched remotely. There is no exploit available.