CVE-2026-35212

Description

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable body data. The content of the body field isn't appropriately sanitized when being rendered. Does require user interaction but could be exploited by someone sharing stix or any of the ingester. This could lead to CSRF and then large scale session theft. Version 7.260227.0 contains a fix.

How to fix CVE-2026-35212

To remediate CVE-2026-35212, upgrade the affected package to a fixed version below.

—upgrade to 7.260227.0 or later

Is CVE-2026-35212 being exploited?

No exploitation signal available. Neither CISA KEV nor a current EPSS score has been published for CVE-2026-35212.

Affected packages (1)

from 0, < 7.260227.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References (1)

ADVISORYgithub.com/OpenCTI-Platform/opencti/security/advisories/GHSA-rg6r-x26x-63vq