CVE-2026-23925 in Zabbixinfo

Zusammenfassung

von MITRE • 06.03.2026

An authenticated Zabbix user (User role) with template/host write permissions is able to create objects via the configuration.import API. This can lead to confidentiality loss by creating unauthorized hosts. Note that the User role is normally not sufficient to create and edit templates/hosts even with write permissions.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Zabbix

Reservieren

19.01.2026

Veröffentlichung

06.03.2026

Moderieren

akzeptiert

Eintrag

VDB-349432

CPE

bereit

CWE

CWE-863 (bestätigt)

CVSS

6.3 (VulDB)

EPSS

0.00016

KEV

nein

Aktivitäten

very low

Sektor

Energy, Government, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-23925
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-23925
CVE Details	https://www.cvedetails.com/cve/CVE-2026-23925/

◂ Zurück Übersicht Weiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!