MISP 2.5.38 - UI and security update
A focused release with two security fixes, a new workflow action module, continued Overmind UI migration of the Sync tab, TAXII 2 conformance work, and the usual round of community-contributed bug fixes.
MISP 2.5.37 - Templates, Assemble!
We are happy to announce the release of MISP v2.5.37, headlined by the brand-new Event Templating system — a complete redesign that replaces the legacy templating engine. This release also introduces a dedicated suricata attribute type, continues the Overmind UI migration, switches the STIX 2 stack to the upstream library bundled with misp-stix, ships several security fixes, and brings new performance tooling for large instances.
MISP v2.5.35: Decomposed Event Views, Overmind UI Enhancements, Security Hardening and MISP-STIX major update
The MISP v2.5.35 release introduces significant architectural improvements to the Event View, massive performance optimizations for attribute searching, and critical security hardening for installers. This version marks a major step forward in the “Overmind” UI project, transitioning toward a more modern, responsive user experience.
MISP v2.5.33: Performance, Security, and the New Overmind Theme
MISP v2.5.33 Release Notes (2026-02-27)
🎨 A Fresh Look: The “Overmind” Evolution
The UI is undergoing its most significant transformation in years. With the introduction of the Overmind theme, MISP is transitioning to a modern stack.
FlowIntel 3.0.0 released and MISP integration
FlowIntel & MISP
FlowIntel in a Nutshell
FlowIntel is an open-source platform built for handling security investigations in a structured way. It combines case management, task tracking, documentation, and collaboration in one place.
MISP v2.5.32 released bringing new workflow capabilities, enhancement, security fix and various bugs fixed
We are pleased to announce the release of MISP v2.5.32, bringing new workflow capabilities, improvements to attachment handling, security fixes, and multiple dependency updates.
MISP v2.5.31 released - Stability, Synchronization Improvements & Year-End Knowledge Base Refresh
MISP v2.5.31 Release Notes
📅 Release date: 2025-12-23
Stability, Synchronization Improvements & Year-End Knowledge Base Refresh
We are happy to announce the release of MISP v2.5.31, a maintenance-focused update bringing refreshed knowledge bases, UI refinements, improved synchronization behavior, and several important fixes.
MISP v2.5.30 and v2.5.29 released: Beta UI/UX Mode, New Workflow modules and Performance Enhancements
This release introduces a foundational beta UI/UX mode (which will be the foundation for the next versions, feedback is more than welcome), new workflow modules, improvements to the Event Index, and important security updates.
MISP v2.5.28 Release: Security, Dashboard Upgrade, and Community Enhancements
MISP v2.5.28 Release Notes (2025-12-10)
MISP v2.5.28 delivers critical security fixes, a major dashboard upgrade to Gridstack 12, and significant platform stability enhancements. This release includes extensive XSS vulnerability patching, refined tag filtering logic, and better support for Meta Communities.
MISP v2.5.27 - released with new features and various fixes
This release delivers important new modules, major internal performance optimisations, updates to validation logic, and several security fixes. A large amount of work focused on improving JSON handling, filter pipelines, encoding performance, and overall system robustness.
MISP v2.5.26 - released with performance improvements and interoperability fixes
This release brings new features focused on performance improvements, logging enhancements, and data standardisation with the introduction of the UUID attribute type. It also includes several important bug fixes and dependency updates.
MISP v2.5.25 - Performance Update
This release introduces a security fix, significant performance improvements for REST searches, new default feeds, and several important bug fixes.
MISP v2.5.24 - Security & Stability Update
This release focuses on security enhancements, bug fixes, and minor improvements to stability and functionality.
- GCVE-1-2025-0010 < MISP 2.5.24 - Arbitrary file-hash inclusion via templates in the template engine in MispAttribute allows a web user to obtain the MD5 hash of any file accessible to them via inclusion of tmp_name in templates.
- GCVE-1-2025-0011 < MISP 2.5.24 - Invalid check for uploaded file validity in EventsController can lead to arbitrary file inclusion / deletion via import modules by spoofing the tmp_name of the request.
- GCVE-1-2025-0012 < MISP 2.5.24 - Potential vulnerability in file check upload but this vulnerability is non-exploitable as the code is never executed. This vulnerability information is kept for archiving.
- GCVE-1-2025-0013 < MISP 2.5.24 - Authorization bypass / improper access control in app/Controller/SharingGroupBlueprintsController.php in MISP on web application /or API allows an authenticated low-privilege user to inject arbitrary organizations into existing sharing groups (including groups that should not be extendable), thereby granting those organizations access to shared resources and escalating access via crafted sharing-group blueprints or API requests that bypass validation.
- GCVE-1-2025-0014 < MISP 2.5.24 - Cross-site scripting in Mermaid chart rendering component in MISP event report allows a remote attacker part of a MISP community to execute arbitrary JavaScript in the victim’s browser via injection of HTML tags in raw Mermaid charts synchronized through event reports.
- GCVE-1-2025-0015 < MISP 2.5.24 - Cross-site scripting in decaying tool simulation UI/component in MISP on web application allows an attacker/org who can set an organization’s display name to execute arbitrary JavaScript in other users’ browsers when they view or run simulations via a crafted organization name containing a script payload that is rendered unsanitized when a specific attribute is chosen for the simulation.
- GCVE-1-2025-0016 < MISP 2.5.24 - Local file inclusion in [ImportFromUrl() URL handling component in MISP event report (with pandoc support) on server-side document import feature / web application allows an attacker who can supply a URL to read local filesystem documents and disclose sensitive information (limited to document file types) via providing file:// URLs to ImportFromUrl() that are fetched without proper scheme/host validation.
Thanks to Raphael Lob and Jeroen Pinoy from NATO Cyber Security Center for the security evaluation and report.
MISP 2.5.23 Released with Enhanced Benchmarking, Many Bug Fixes, and Documentation Updates
MISP 2.5.23 Release Notes - (2025-10-15)
We’re rolling out MISP 2.5.23! This release is another step in our continuous effort to keep MISP running smoothly and effectively for the entire threat intelligence community. We know how crucial it is to have a reliable platform for sharing and analyzing threat data, and we’re committed to delivering regular updates that bring you solid improvements and quick fixes.
MISP 2.5.22 released with improvements and bugs fixes
We are pleased to announce the release of MISP v2.5.22.
This release brings new features, improvements, fixes, and important updates to keep MISP stable and up to date.
MISP 2.5.21 released with a new recorrelate feature, various fixes and updates.
MISP 2.5.21 released (2025-09-10)
We are pleased to announce the release of MISP v2.5.21.
This version introduces new features affecting the various correlation tools, important fixes, and various updates to objects, taxonomies, and galaxy.
MISP 2.5.19 brings important fixes, improvements to the on-demand correlation engine, refinements in the task scheduler, and better error handling.
MISP 2.5.19 Release Notes
Release date: 2025-08-20
MISP 2.5.19 brings important fixes, improvements to the on-demand correlation engine, refinements in the task scheduler, and better error handling.
MISP v2.5.18 released with new on-demand correlation engine, a new improved task scheduling system and many more updates
MISP v2.5.18 Release Notes
We are pleased to announce the release of MISP v2.5.18, featuring a brand-new on-demand correlation engine, new improved task scheduling, Forgejo CI integration, and a wide range of fixes and refinements.
MISP Releases v2.5.16 & v2.4.214 - A Major Leap in Performance and Stability
We are thrilled to announce two new releases for the MISP project: a significant feature and performance release, v2.5.16, and a stable maintenance release, v2.4.214.
MISP 2.4.213 & 2.5.15 Released - A Double Dose of Security, Search, and Stability
We are thrilled to announce a dual release of MISP, bringing significant enhancements to both our stable and development branches with versions 2.4.213 and 2.5.15.