VYPR
Medium severity6.3NVD Advisory· Published Apr 10, 2026· Updated Apr 20, 2026

CVE-2026-33455

CVE-2026-33455

Description

Livestatus injection in the monitoring quicksearch in Checkmk <2.5.0b4 allows an authenticated attacker to inject livestatus commands via the search query due to insufficient input sanitization in search filter plugins.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Checkmk/Checkmk4 versions
    cpe:2.3:a:checkmk:checkmk:2.5.0:b1:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:checkmk:checkmk:2.5.0:b1:*:*:*:*:*:*
    • cpe:2.3:a:checkmk:checkmk:2.5.0:b2:*:*:*:*:*:*
    • cpe:2.3:a:checkmk:checkmk:2.5.0:b3:*:*:*:*:*:*
    • (no CPE)range: <2.5.0b4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.