VYPR

Vendor CVEs

Checkmk

All CVEs

122 total · sorted by risk
  • CVE-2026-24096 · High · Apr 1, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 (beta) before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information.

  • CVE-2024-38863 · High · Oct 14, 2024
    risk 0.49 · cvss 7.5 · epss 0.00

    Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishing attacks.

  • CVE-2024-47091 · High · May 13, 2026
    risk 0.44 · cvss 7.8 · epss 0.00

    Privilege escalation in the mk_mysql agent plugin on Windows in Checkmk <2.4.0p29, <2.3.0p47, and 2.2.0 (EOL) allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' (or with write access to a binary referenced by such a service)…

  • CVE-2026-33456 · High · Apr 10, 2026
    risk 0.42 · cvss 7.6 · epss 0.00

    Livestatus injection in the notification test mode in Checkmk <2.5.0b4 and <2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description.

  • CVE-2017-14955 · Medium · Oct 2, 2017
    risk 0.42 · cvss 5.9 · epss 0.12

    Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report.

  • CVE-2025-39666 · High · Apr 7, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    Local privilege escalation in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 (beta) before 2.5.0b3 allows a site user to escalate their privileges to root, by manipulating files in the site context that are processed when the…

  • CVE-2025-64998 · High · Mar 24, 2026
    risk 0.40 · cvss 7.2 · epss 0.00

    Exposure of session signing secret in Checkmk <2.4.0p23, <2.3.0p45 and 2.2.0 allows an administrator of a remote site with config sync enabled to hijack sessions on the central site by forging session cookies.

  • CVE-2014-0243 · Medium · Jul 19, 2018
    risk 0.36 · cvss 5.5 · epss 0.01

    Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job.

  • CVE-2024-13722 · Medium · Feb 4, 2025
    risk 0.35 · cvss 5.4 · epss 0.01

    The "NagVis" component within Checkmk is vulnerable to reflected cross-site scripting. An attacker can craft a malicious link that will execute arbitrary JavaScript in the context of the browser once clicked. The attack can be performed on both authenticated and unauthenticated…

  • CVE-2026-33457 · Medium · Apr 10, 2026
    risk 0.34 · cvss 6.3 · epss 0.00

    Livestatus injection in the prediction graph page in Checkmk <2.5.0b4, <2.4.0p26, and <2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value.

  • CVE-2026-33455 · Medium · Apr 10, 2026
    risk 0.34 · cvss 6.3 · epss 0.00

    Livestatus injection in the monitoring quicksearch in Checkmk <2.5.0b4 allows an authenticated attacker to inject Livestatus commands via the search query due to insufficient input sanitization in search filter plugins.

  • CVE-2026-24095 · Medium · Feb 9, 2026
    risk 0.34 · cvss n/a · epss 0.00

    Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p21, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows users with the "Use WATO" permission to access the "Analyze configuration" page by directly navigating to its URL, bypassing the intended "Access analyze…

  • CVE-2024-38862 · Medium · Oct 14, 2024
    risk 0.29 · cvss 4.4 · epss 0.00

    Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IPMI secrets of host and folder properties to be written to audit log files accessible to administrators.

  • CVE-2026-8833 · Medium · Jun 8, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site…

  • CVE-2026-7186 · Medium · Jun 8, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Stored cross-site scripting in the URL dashboard widget in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions to store a URL with a dangerous URI scheme such as javascript: that executes scripts in other users'…

  • CVE-2026-3466 · Medium · Apr 7, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Insufficient sanitization of dashboard dashlet title links in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 before 2.4.0p25, and Checkmk 2.5.0 (beta) before 2.5.0 allows an attacker with dashboard creation privileges to perform stored cross-site scripting…

  • CVE-2026-33276 · Medium · Mar 31, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Stored cross-site scripting (XSS) in Checkmk 2.5.0 (beta) before 2.5.0b2 allows authenticated users with permission to create hosts or services to execute arbitrary JavaScript in the browsers of other users performing searches in the Unified Search feature.

  • CVE-2026-20915 · Medium · Mar 31, 2026
    risk 0.28 · cvss 5.4 · epss 0.00

    Stored cross-site scripting (XSS) in Checkmk version 2.5.0 (beta) before 2.5.0b2 allows authenticated users with permission to create pending changes to inject malicious JavaScript into the Pending Changes sidebar, which will execute in the browsers of other users viewing the…

  • CVE-2026-7765 · Medium · Jun 8, 2026
    risk 0.27 · cvss 5.3 · epss 0.00

    Incorrect authorization in the User Messages dashboard widget in Checkmk <2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather than the viewer's, allowing an attacker who knows a valid public dashboard share token to read the issuer's…

  • CVE-2026-9549 · Medium · Jun 8, 2026
    risk 0.24 · cvss 4.8 · epss 0.00

    Stored cross-site scripting in the service discovery active check output in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can configure active or custom checks to inject malicious HTML or JavaScript into check output that executes in…

  • CVE-2026-8078 · Medium · Jun 8, 2026
    risk 0.24 · cvss 4.8 · epss 0.00

    Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users'…

  • CVE-2021-40904 · Mar 25, 2022
    risk 0.02 · cvss n/a · epss 0.04

    The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded PHP code. As a result, remote code execution is achieved. Successful exploitation requires access to the…

  • CVE-2021-36563 · Jul 26, 2021
    risk 0.01 · cvss n/a · epss 0.02

    The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an attacker to open a backdoor on the device with HTML content that is interpreted by the browser (such as JavaScript or other client-side…

  • CVE-2026-2859 · Mar 13, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in the deploy_agent endpoint, which could lead to information…

  • CVE-2026-24097 · Mar 13, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows authenticated users to enumerate existing hosts by observing different HTTP response codes in the agent-receiver/register_existing endpoint, which could lead to…

  • CVE-2026-3103 · Mar 4, 2026
    risk 0.00 · cvss n/a · epss 0.00

    A logic error in the remove_password() function in Checkmk GmbH's Checkmk versions <2.4.0p23, <2.3.0p43, and 2.2.0 (EOL) allows a low-privileged user to cause data loss.

  • CVE-2025-64999 · Feb 26, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host's check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted…

  • CVE-2025-65000 · Dec 18, 2025
    risk 0.00 · cvss n/a · epss 0.00

    SSH private keys of the "Remote alert handlers (Linux)" rule were exposed in the rule page's HTML source in Checkmk <= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was…

  • CVE-2025-64997 · Dec 18, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allows low-privileged users to view agent information via the REST API, which could lead to information disclosure.

  • CVE-2025-58121 · Nov 18, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Insufficient permission validation on multiple REST API endpoints in Checkmk 2.2.0, 2.3.0, and 2.4.0 before version 2.4.0p16 allows low-privileged users to perform unauthorized actions or obtain sensitive information.

  • CVE-2025-58122 · Nov 18, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Insufficient permission validation in Checkmk 2.4.0 before version 2.4.0p16 allows low-privileged users to modify notification parameters via the REST API, which could lead to unauthorized actions or information disclosure.

  • CVE-2025-64996 · Nov 18, 2025
    risk 0.00 · cvss n/a · epss 0.00

    In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access…

  • CVE-2025-39663 · Oct 30, 2025
    risk 0.00 · cvss n/a · epss 0.01

    Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. This affects Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 (EOL).

  • CVE-2025-39664 · Oct 9, 2025
    risk 0.00 · cvss n/a · epss 0.01

    Insufficient escaping in the report scheduler within Checkmk <2.4.0p13, <2.3.0p38, <2.2.0p46 and 2.1.0 (EOL) allows authenticated attackers to define the storage location of report file pairs beyond their intended root directory.

  • CVE-2025-32919 · Oct 9, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 (EOL).

  • CVE-2025-32916 · Oct 9, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions <2.4.0p13, <2.3.0p38, <2.2.0p46, and 2.1.0 (EOL) may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web…

  • CVE-2025-58127 · Aug 28, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Improper Certificate Validation in the Checkmk Exchange plugin Dell Powerscale allows attackers in a MitM position to intercept traffic.

  • CVE-2025-58125 · Aug 28, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Improper Certificate Validation in the Checkmk Exchange plugin Freebox v6 agent allows attackers in a MitM position to intercept traffic.

  • CVE-2025-58124 · Aug 28, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Improper Certificate Validation in the Checkmk Exchange plugin check-mk-api allows attackers in a MitM position to intercept traffic.

  • CVE-2025-58123 · Aug 28, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Improper Certificate Validation in the Checkmk Exchange plugin BGP Monitoring allows attackers in a MitM position to intercept traffic.

  • CVE-2025-32918 · Jul 4, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Improper neutralization of Livestatus command delimiters in the autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.

  • CVE-2025-32915 · May 22, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk < 2.4.0p1, < 2.3.0p32, < 2.2.0p42 and <= 2.1.0p49 (EOL). This allows a local attacker to read sensitive data.

  • CVE-2025-1712 · May 21, 2025
    risk 0.00 · cvss n/a · epss 0.01

    Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files.

  • CVE-2025-32917 · May 13, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Privilege escalation in the jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32, <2.2.0p42, and 2.1.0p49 (EOL) allows a user with write access to the JAVA_HOME/bin directory to escalate privileges.

  • CVE-2025-3506 · May 8, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk <2.4.0b6, allowing an attacker to access files that could contain secrets.

  • CVE-2025-2092 · Apr 22, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p29, <2.2.0p41 and <=2.1.0p49 (EOL) causes remote site authentication secrets to be written to log files accessible to administrators.

  • CVE-2024-38865 · Apr 10, 2025
    risk 0.00 · cvss n/a · epss 0.01

    Improper neutralization of Livestatus command delimiters in a specific endpoint within the RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL) allows arbitrary Livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their…

  • CVE-2025-2596 · Mar 26, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30, <2.2.0p41, and 2.1.0p49 (EOL).

  • CVE-2024-47092 · Mar 3, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Insecure deserialization and improper certificate validation in the Checkmk Exchange plugin check-mk-api prior to 5.8.1.

  • CVE-2025-1075 · Feb 19, 2025
    risk 0.00 · cvss n/a · epss 0.00

    Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p27, <2.2.0p40, and 2.1.0p51 (EOL) causes LDAP credentials to be written to the Apache error log file accessible to administrators.

Page 1 of 3