Unrated severityOSV Advisory· Published Dec 18, 2025· Updated Dec 18, 2025

Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule

CVE-2025-65000

Description

SSH private keys of the "Remote alert handlers (Linux)" rule were exposed in the rule page's HTML source in Checkmk <= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed.

Affected products

Checkmk/CheckmkOSV
Range: 1.1.0beta17, v1.1.0, v1.1.10, …

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

checkmk.com/werk/19030mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000