CVE-2026-33456

Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...

CVE-2026-33456

Summary of CVE-2026-33456 : A Livestatus injection vulnerability exists in Checkmk’s notification test mode for versions before 2.5.0b4 and before 2.4.0p26. An authenticated user who can access the notification test page can inject arbitrary Livestatus commands via a crafted service description. ...

CVE-2026-33456 Potential livestatus injection in notification test

Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...

PT-2026-31899

Name of the Vulnerable Software and Affected Versions Checkmk versions prior to 2.5.0b4 and prior to 2.4.0p26 Description A flaw exists in Checkmk that allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands through a crafted service...

CVE-2026-33456

Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...