EIP-2026-105094

PRE-CVE

Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105094. PoCs published by MohamadReza Mohajerani.

AI-analyzed exploit summary This exploit demonstrates CSRF vulnerabilities in AlienVault OSSIM, allowing deletion of user accounts and knowledge DB items via crafted GET requests. The PoC provides direct URLs to trigger these actions without user interaction beyond clicking a link.

Description

Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery

Exploits (1)

exploitdb WORKING POC
by MohamadReza Mohajerani · textwebappsphp
https://www.exploit-db.com/exploits/38400

This exploit demonstrates CSRF vulnerabilities in AlienVault OSSIM, allowing deletion of user accounts and knowledge DB items via crafted GET requests. The PoC provides direct URLs to trigger these actions without user interaction beyond clicking a link.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: AlienVault OSSIM 4.3
Auth required
Prerequisites: Victim must be authenticated in OSSIM · Victim must click on a malicious link
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026