EIP-2026-105094
PRE-CVEAlienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-105094. PoCs published by MohamadReza Mohajerani.
AI-analyzed exploit summary This exploit demonstrates CSRF vulnerabilities in AlienVault OSSIM, allowing deletion of user accounts and knowledge DB items via crafted GET requests. The PoC provides direct URLs to trigger these actions without user interaction beyond clicking a link.
Description
Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery
Exploits (1)
exploitdb
WORKING POC
by MohamadReza Mohajerani · textwebappsphp
https://www.exploit-db.com/exploits/38400
This exploit demonstrates CSRF vulnerabilities in AlienVault OSSIM, allowing deletion of user accounts and knowledge DB items via crafted GET requests. The PoC provides direct URLs to trigger these actions without user interaction beyond clicking a link.
Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:
AlienVault OSSIM 4.3
Auth required
Prerequisites:
Victim must be authenticated in OSSIM · Victim must click on a malicious link
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026