CVE-2025-34298
Nagios Log Server (prior to 2024R1.3.2) contains a privilege escalation in the account email-change workflow. An attacker could set their own email to an invalid value, and due to insufficient validation and authorization checks tied to email identity state, trigger an inconsistent account state ...