CVE-2026-2859 in Checkmkinformação

Sumário

de MITRE • 13/03/2026

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint, which could lead to information disclosure.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

Checkmk

Reservar

20/02/2026

Divulgação

13/03/2026

Moderação

aceite

Entrada

VDB-350831

CPE

pronto

CWE

CWE-204 (confirmado)

CVSS

4.3 (NVD)

EPSS

0.00054

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-2859
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-2859
CVE Details	https://www.cvedetails.com/cve/CVE-2026-2859/

◂ Voltar Visão Geral Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!