CVE-2026-8833

🗓️ 08 Jun 2026 12:06:51Reported by CheckmkType

CVE-2026-8833: Checkmk validation flaw enables cross-site scripting via crafted javascript links by authenticated users.

Reporter	Title	Published	Views	Family All 3
Cvelist	CVE-2026-8833 XSS in urls	8 Jun 202612:06	–	cvelist
NVD	CVE-2026-8833	8 Jun 202613:16	–	nvd
Vulnrichment	CVE-2026-8833 XSS in urls	8 Jun 202612:06	–	vulnrichment

CNA

Node

checkmk checkmkRange2.5.0–2.5.0p5

checkmk checkmkRange2.4.0–2.4.0p31

checkmk checkmkRange2.3.0–2.3.0p48

checkmk checkmkMatch2.2.0

[
  {
    "defaultStatus": "unaffected",
    "product": "Checkmk",
    "vendor": "Checkmk GmbH",
    "versions": [
      {
        "lessThan": "2.5.0p5",
        "status": "affected",
        "version": "2.5.0",
        "versionType": "semver"
      },
      {
        "lessThan": "2.4.0p31",
        "status": "affected",
        "version": "2.4.0",
        "versionType": "semver"
      },
      {
        "lessThan": "2.3.0p48",
        "status": "affected",
        "version": "2.3.0",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "2.2.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
checkmk	www.checkmk.com/werk/20002

08 Jun 2026 13:16Current

CVSS 48.5

SSVC

CWE-79