CVE-2026-23924

UNKNOWN 0.0

Agent 2 Docker plugin arbitrary file read via Docker API injection

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

13th

Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API.

CWE	CWE-88
Vendor	zabbix
Product	zabbix
Published	Mar 24, 2026
Last Updated	Mar 25, 2026

Stay Ahead of the Next One

Get instant alerts for zabbix zabbix

Be the first to know when new unknown vulnerabilities affecting zabbix zabbix are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Zabbix / Zabbix

6.0.0 ≤ 6.0.43 7.0.0 ≤ 7.0.22 7.4.0 ≤ 7.4.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.zabbix.com: https://support.zabbix.com/browse/ZBX-27642

Credits

🔍 Zabbix wants to thank kelsier from clocktwice.com for submitting this report on the HackerOne bug bounty platform.