MISP Releases v2.5.16 & v2.4.214 - A Major Leap in Performance and Stability

July 19, 2025

We are thrilled to announce two new releases for the MISP project: a significant feature and performance release, v2.5.16, and a stable maintenance release, v2.4.214.

MISP 2.4.213 & 2.5.15 Released - A Double Dose of Security, Search, and Stability

June 24, 2025

We are thrilled to announce a dual release of MISP, bringing significant enhancements to both our stable and development branches with versions 2.4.213 and 2.5.15.

MISP 2.4.211 & 2.5.13 Released - A Double Dose of Security, Search, and Stability

June 6, 2025

We are excited to announce the parallel release of two new MISP versions: 2.5.13 for our latest branch and 2.4.211 for the 2.4 branch. These releases are packed with critical security patches, a major overhaul of the search functionality, and a host of improvements and bug fixes to enhance your threat intelligence experience.

MISP 2.4.210 / 2.5.12 released with many improvements, UI enhancement and various fixes

May 14, 2025

This release provides a critical round of security fixes, significant improvements to attribute validation, and UI enhancements for event views and analyst workflows. Multiple components including Galaxy, STIX, and warning lists were also updated. Special attention has been given to improving compatibility, performance, and documentation.

MISP v2.4.209 and v2.5.11 Released with new features, security fixes and improvements in workflow engine.

May 7, 2025

This release introduces several new features, important security fixes, and major improvements to the workflow engine, sharing group logic, and plugin handling. It also includes enhancements developed during hackathon.lu 2025.

MISP v2.4.208 and v2.5.10 Released with Many Bugs Fixed

April 4, 2025

This release introduces important security fixes, enhancements in authentication plugin handling, and better cache management in the workflow editor. It also updates various MISP components and improves remote sync behavior.

MISP v2.4.207 and v2.5.9 Released with Many Bugs Fixed

March 26, 2025

Summary

This dual release of MISP (versions 2.4.207 and 2.5.9) brings significant stability improvements, better performance, and architectural refinements, particularly around background job handling, workflow modules, and Galaxy cluster operations.

MISP v2.4.206 and v2.5.8 Released - new workflow modules, improved graph object relationship management and many other improvements

March 19, 2025

Summary

MISP v2.4.206 and v2.5.8 introduces new workflow modules, enhanced object relationship management and significant improvements to the event synchronisation mechanism. Key highlights include improved a reworked attribute search functionality, better handling of event reports, and various security fixes. Additionally, numerous optimizations and bug fixes enhance stability and performance.

MISP v2.4.205 and v2.5.7 Released - Enhancements, Fixes, and Improved Correlation Management

February 24, 2025

Combined Release Notes: MISP v2.5.7 & v2.4.205 (2025-02-24)

The MISP Project is pleased to announce the release of MISP v2.5.7 and v2.4.205, bringing several new features, important fixes, and enhancements to improve the overall user experience and platform functionality. This release addresses critical improvements in synchronization filtering, correlation management, and UI enhancements, ensuring a more stable and efficient MISP environment.

Latest misp-stix Release: Enhanced Support for Analyst Data

February 7, 2025

MISP Analyst Data Format: Enhancing STIX 2.1 Integration

The MISP Analyst Data format, part of the broader MISP-standard.org ecosystem, represents a significant step forward in structuring and exchanging cyber threat intelligence. Developed in collaboration with industry partners, this format builds upon the lessons learned from OASIS STIX, addressing its practical shortcomings while ensuring greater efficiency, flexibility, and usability for analysts.

MISP 2.4.204 and 2.5.6 released including new features, performance improvements and many other improvements.

January 13, 2025

Combined Release Notes: MISP v2.5.6 & v2.4.204 (2025-01-03)

The MISP team is excited to announce the release of MISP v2.5.6 and MISP v2.4.204. These updates bring several new features, fixes, and performance improvements to enhance the platform’s usability and efficiency. Here’s a summary of the key changes:

MISP 2.4.203 and 2.5.5 released including new features, improvements and many security improvements.

January 12, 2025

MISP Software Release: Combined Updates for v2.4.203 and v2.5.5

Introduction

We are thrilled to announce the release of MISP v2.4.203 and MISP v2.5.5, bringing a range of new features, improvements, and fixes to enhance the platform’s performance, usability, and security. These updates reflect our ongoing commitment to providing a robust and reliable open-source threat intelligence platform for the community.

MISP 2.4.202 and 2.5.4 released with numerous enhancements including analyst data, bug fixes, and security improvements

December 24, 2024

Changes

Configuration

Base URL Setting: Added a new setting to skip base URL coercion for the framework. This resolves issues when running MISP under a subdirectory but may have adverse effects for other setups.

Settings

REST Client Settings: Enhanced security by tightening REST client-related settings:
- rest_client_baseurl is now CLI-only.
- Updated rest_client_enable_arbitrary_urls description for clarity.
Removed Unused Setting: Security.disable_form_security, a legacy setting for testing purposes, has been removed.

Updates

Taxonomies, Warning Lists, Objects, Galaxy: Updated to their latest versions.
MISP-STIX and PyMISP: Updated to the latest versions.

Analyst Data

Analyst Data objects like Notes and Opinions are now flattened lists attached to their data layer instead of nested.
Improved handling of analyst data in various endpoints and views.
Added new metrics for analyst data and event reports.

UI

Minor tweaks and improvements.

Attributes

Support for adding combinations of tag collection tags and other tags simultaneously.

Statistics

Added metrics for analyst data and event reports.

CI

Path fixes and branch updates.

Fixes

Security

Resolved multiple vulnerabilities:
- Stored XSS in JsonTool::encode() used in JavaScript.
- Tightened template elements endpoint to prevent abuse.
- File upload process improved to prevent abuse.
- Prevented TOTP secret logging in audit logs.
Updated encoding in the upload_file view element.

Analyst Data

Addressed issues with nested data handling and JSON export.
Fixed data fetching inconsistencies and restored functionality for viewing nested analyst data.

REST Search

Adjusted deleted flag behavior to improve results consistency.

Miscellaneous

Corrected variable definition, CLI arguments, and template index naming.

Other

Merge Requests: Integrated various feature and fix branches into 2.4-develop.
Community Additions: Added Threatmon MISP Community.
Custom Image Path Check: Updated image path validation logic.

This release includes several critical security fixes, updates, and enhancements, improving the overall functionality and stability of MISP. Users are encouraged to update promptly to benefit from the latest improvements and security measures.

MISP v2.5.3 and v2.4.201 released with numerous enhancements, bug fixes, and security improvements to strengthen threat information sharing capabilities.

December 22, 2024

We are excited to announce the latest updates to MISP with versions v2.5.3 and v2.4.201, which bring numerous enhancements, bug fixes, and security improvements to strengthen threat information sharing capabilities. As with any security release, we highly recommend that you update ASAP and inform your partners to do the same.

FlowIntel 1.3.1 released and MISP integration

December 9, 2024

FlowIntel 1.3.1 released and MISP integration

FlowIntel is a lightweight and flexible platform built to help teams manage their tasks and cases efficiently. It offers a range of features, from detailed documentation tools to integration with external platforms, ensuring that workflows remain seamless and adaptable to various needs.

MISP 2.4.200 and 2.5.2 released - Post Hack.lu/CTI-Summit release with many new features

November 19, 2024

The Hack.lu/CTI-Summit once again allowed us to get in touch with the community and sit down to talk about new features and issues to be implemented. As usual, it was a real pleasure to get that much concentrated feedback. In this release, we put a lot of effort trying to fix and create new content as much as possible based on the collected needs of the community.

MISP 2.4.198 released with many bugs fixed, security fixes and improvements.

September 17, 2024

MISP v2.4.198 (2024-09-13)

Based on a set of fixes including a security fix, we are pleased to announce the immediate availability of MISP 2.4.198. You can find a list of the detailed changes along with new features further below. As with any security release, we highly encourage everyone to update their instance as soon as possible.

MISP 2.4.197 released with many bugs fixed, a security fix and improvements.

September 2, 2024

Release Notes - v2.4.197 (2024-09-02)

New Features

Config Option: Added a new configuration option user_org_uuid_in_response_header to include a response header with the requesting user’s organization UUID. [Jeroen Pinoy]
Build: Display required STIX dependencies versions during the build process. [Jakub Onderka]
Bookmark now supports comment.

Changes

Version: Version bump. [iglocska]
Warning List: Updated the warning list. [Alexandre Dulaunoy]
Taxonomies: Updated to the latest version. [Alexandre Dulaunoy]
MISP Galaxy: Updated to the latest version. [Alexandre Dulaunoy]
PyMISP: Version bump. [Raphaël Vinot]
Internal Logging: Added logging when an event will not be published. [Jakub Onderka]
Global Menu - Bookmarks: Added comment field as the dropdown element’s title in the global menu bookmark. [Sami Mokaddem]
Database Upgrade - Bookmarks: Upgraded the database to support bookmark comments. [Sami Mokaddem]
Bookmark View: Added a missing comma for the new comment function and added a field for comments in the bookmark view. [Jan Z.]
Bookmark Index: Added a field to display comments in the bookmarks index. [Jan Z.]
Bookmark Add/Edit: Added a field to add and edit comments for bookmarks. [Jan Z.]
MISP Object: Updated to the latest version. [Alexandre Dulaunoy]

Fixes

UI/Footer: Improved UI footer to avoid confusion for some users. [Alexandre Dulaunoy]
IOC Import: Added a check to ensure the provided XML is valid. [Jakub Onderka]
Schema: Updated schema version. [Jakub Onderka]
UI: Fixed tag popover to return already parsed data. [Jakub Onderka]
Bookmarks - Add: Lower-cased the comment field. [Sami Mokaddem]
Sightings: Correctly retrieve sightings per the requested event. [Tom King]
Bookmarks - Verbose Returns: Fixed an issue with overly verbose returns from bookmarks when shared with the organization. This fix was reported by Sharad Kumar Dahal of Green Tick Nepal Pvt. Ltd. [iglocska] This fixes a security issue recorded as CVE-2024-45509.
Feed: When pulling feeds, events are now checked against specified rules if any rules are provided. [Benni0]

Other

Merged pull requests addressing issues with unpublished events logging, tag popover parsing, sightings restSearch performance, and STIX dependencies version display. [Jakub Onderka, Andras Iklody, Andrew Hicks]
Fixed issues related to sightings restSearch negation of organization ID. [Andrew Hicks]

For a complete list of updates, please refer to the changelog pages. Many thanks to all the diligent contributors that ensure that MISP keeps improving rapidly!

MISP 2.4.196 released with many bugs fixed and improvements.

August 21, 2024

MISP 2.4.196 released with many bugs fixed and improvements.

New Features

Decaying Model: Introduced a new DecayingModel that leverages true positive and false positive sightings for better decision-making. [Marcel Slotema]
Log Search Enhancement: Added an optional hh:mm:ss accuracy to log searches, allowing for more precise time-based queries. This update also includes significant refactoring to improve code quality. [iglocska]
User Log Review: Improved the functionality of the “review user logs” button. It now links directly to logs relevant to the specific user, considering the new audit log system. Future enhancements will include email-based log searches. [iglocska]

Changes

PyMISP Update: Updated PyMISP to the latest version. [Raphaël Vinot]
Decaying Model Formulas: Enhanced error handling by catching undefined indexes in decaying model formulas. [Sami Mokaddem]
Attributes Search: Added support for sorting by publish_timestamp and introduced the X-Skipped-Elements-Count header to improve pagination during REST searches. [Benni0]
Reverse Proxy Handling: Fixed issues with base URL handling for reverse proxies, eliminating problematic redirects. Special thanks to Mitch Germansky for the extensive debugging. [iglocska]
MISP Components Update: Updated MISP Object, Galaxy, and STIX components to their latest versions. [Alexandre Dulaunoy, Christian Studer]

Fixes

STIX 2 Import: Updated the STIX 2 parsers following recent changes in MISP-STIX. [Christian Studer]
Base URL Setting: Adjusted the priority order in beforeFilter to avoid redis errors during benchmarking. [iglocska]
Image Helper: Allowed for variable-width organization logos without overlapping text. [iglocska]
Workflow Module: Ensured correct type return if redis fails to load during workflow:getEnabledModules. [Sami Mokaddem]
Settings Management: Fixed multiple issues related to changing instance settings, including improvements to CLI checks. [iglocska]
Attribute Search Ordering: Reverted ID-based sliding window ordering due to performance concerns. [iglocska]

Other

Merged several development branches to integrate recent changes, updates, and fixes from various contributors. Notably, the branches related to attribute search order, skipped elements count, and environment dependencies were integrated into the main branch. [iglocska, Christian Studer, Sami Mokaddem, Alexandre Dulaunoy, Stefano Ortolani, Andras Iklody]

For a complete list of updates, please refer to the changelog pages. Many thanks to all the diligent contributors that ensure that MISP keeps improving rapidly!

MISP 2.4.195 - hot summer olympic release

August 9, 2024

MISP 2.4.195 - hot summer olympic release

We are pleased to announce the immediate availability of MISP v2.4.195, a summer release aiming to introduce new features, fix a long list of reported bugs and deficiencies as well as give your servers a breather in the scorching summer heat by taking a load off your CPUs thanks to a set of impactful performance fixes.

Documentation

Legal

Reaching us

Who are we?

Threat Intelligence

Summary

Summary

Combined Release Notes: MISP v2.5.7 & v2.4.205 (2025-02-24)

MISP Analyst Data Format: Enhancing STIX 2.1 Integration

Combined Release Notes: MISP v2.5.6 & v2.4.204 (2025-01-03)

MISP Software Release: Combined Updates for v2.4.203 and v2.5.5

Introduction

Changes

Configuration

Settings

Updates

Analyst Data

UI

Attributes

Statistics

CI

Fixes

Security

Analyst Data

REST Search

Miscellaneous

Other

FlowIntel 1.3.1 released and MISP integration

MISP v2.4.198 (2024-09-13)

Release Notes - v2.4.197 (2024-09-02)

New Features

Changes

Fixes

Other

MISP 2.4.196 released with many bugs fixed and improvements.

New Features

Changes

Fixes

Other

MISP 2.4.195 - hot summer olympic release

Search

Tags