CVE-2025-32916

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...

CVE-2025-32916

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...

UBUNTU-CVE-2025-32916

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...

UBUNTU-CVE-2025-39664

Insufficient escaping in the report scheduler within Checkmk 2.4.0p13, 2.3.0p38, 2.2.0p46 and 2.1.0 EOL allows authenticated attackers to define the storage location of report file pairs beyond their intended root directory...

CVE-2025-39664 Path-Traversal in report scheduler

Insufficient escaping in the report scheduler within Checkmk 2.4.0p13, 2.3.0p38, 2.2.0p46 and 2.1.0 EOL allows authenticated attackers to define the storage location of report file pairs beyond their intended root directory...

EUVD-2025-33348

Insufficient escaping in the report scheduler within Checkmk 2.4.0p13, 2.3.0p38, 2.2.0p46 and 2.1.0 EOL allows authenticated attackers to define the storage location of report file pairs beyond their intended root directory...

CVE-2025-39664 Path-Traversal in report scheduler

Insufficient escaping in the report scheduler within Checkmk 2.4.0p13, 2.3.0p38, 2.2.0p46 and 2.1.0 EOL allows authenticated attackers to define the storage location of report file pairs beyond their intended root directory...

CVE-2025-39664

CVE-2025-39664: In Checkmk, insufficient escaping in the report scheduler enables path traversal in affected versions (Checkmk <2.4.0p13, <2.3.0p38,

CVE-2025-32919

CVE-2025-32919 is due to use of an insecure temporary directory in the Windows License plugin of the Checkmk Windows Agent, enabling local privilege escalation. Affected versions: Checkmk 2.4.0 before 2.4.0p13, 2.3.0 before 2.3.0p38, 2.2.0 before 2.2.0p46, and all 2.1.0 (EOL). Root cause: insecur...

EUVD-2025-33350

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919 Privilege Escalation in Windows License plugin for Checkmk Windows Agent

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919 Privilege Escalation in Windows License plugin for Checkmk Windows Agent

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32916 Sensitive form data in URL query parameters

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...

CVE-2025-32916 Sensitive form data in URL query parameters

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...

EUVD-2025-33351

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...

CVE-2025-32916

CVE-2025-32916 affects Checkmk platforms prior to 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 (EOL). The issue is that sensitive information may be included in URL query parameters due to GET requests, potentially being logged in browser history, web server logs, or other logging destinations. The de...

PT-2025-41387

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions 2.4.0p13, 2.3.0p38, 2.2.0p46, and 2.1.0 EOL may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs...

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions prior to 2.4.0p13, prior to 2.3.0p38, prior to 2.2.0p46, and 2.1.0, which stems from the possible use of sensitive information in a GET request, which could result in sensitive form data...

PT-2025-41388

Name of the Vulnerable Software and Affected Versions Checkmk versions 2.1.0 Checkmk versions 2.2.0 through 2.2.0p45 Checkmk versions 2.3.0 through 2.3.0p37 Checkmk versions 2.4.0 through 2.4.0p12 Description The Windows License plugin for the Checkmk Windows Agent contains a flaw related to the...

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk versions 2.4.0 through 2.4.0p13, 2.3.0 through 2.3.0p38, 2.2.0 through 2.2.0p46, and 2.1.0, which stems from the use of an insecure temporary directory and could result in elevated privileges...