Checkmk 安全漏洞

Checkmk is an IT monitoring platform developed by Checkmk Corporation. There are security vulnerabilities in versions of Checkmk prior to 2.2.0, 2.3.0p46, 2.4.0p25, and 2.5.0b3. These vulnerabilities stem from the ability for site users to manipulate files, potentially leading to permission...

Checkmk 安全漏洞

Checkmk is an IT monitoring platform developed by Checkmk Corporation. Versions of Checkmk prior to 2.4.0p23, 2.3.0p45, and 2.2.0 contain security vulnerabilities. These vulnerabilities stem from the exposure of session signing keys, which could allow remote site administrators to forge session...

EUVD-2020-17616

Malware in sbrugna...

EUVD-2022-49119

Malicious code in bioql PyPI...

EUVD-2024-42778

Malicious code in bioql PyPI...

EUVD-2024-25911

Malicious code in bioql PyPI...

EUVD-2025-13999

Malicious code in bioql PyPI...

EUVD-2024-25915

Malicious code in bioql PyPI...

EUVD-2025-19936

Malicious code in bioql PyPI...

EUVD-2024-37649

Malicious code in bioql PyPI...

EUVD-2024-37650

Malicious code in bioql PyPI...

EUVD-2024-25916

Malicious code in bioql PyPI...

CVE-2025-32918

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...

CVE-2024-28825

Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 beta, 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 EOL facilitates password brute-forcing...

CVE-2025-32915 Sensitive data exposed during automatic agent updates

Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and = 2.1.0p49 EOL. This allows a local attacker to read sensitive data...

CVE-2025-3506 Potentially senitive path exposed via unauthenticated http route

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk 2.4.0b6 allows attacker to access files that could contain secrets...

PT-2025-20377 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions 2.1.0 through 2.3.0 Checkmk version 2.4.0b6 and earlier Description: The issue allows files to be deployed with agents to be accessible without authentication. This could enable an attacker to access files that may contain...

CVE-2025-2092

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

CVE-2025-2092 Remote site authentication secrets written to web log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

CVE-2025-2092 Remote site authentication secrets written to web log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...