Unrated severityNVD Advisory· Published Oct 3, 2025· Updated Oct 3, 2025
User information disclosure via api_jsonrpc.php on method user.get with param search
CVE-2025-27236
Description
A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.