CVE-2026-24096

UNKNOWN 0.0

Insufficient permission validation on multiple REST API Quick Setup endpoints

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 (beta) before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information

CWE	CWE-280
Vendor	checkmk gmbh
Product	checkmk
Published	Apr 1, 2026
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for checkmk gmbh checkmk

Be the first to know when new unknown vulnerabilities affecting checkmk gmbh checkmk are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Checkmk GmbH / Checkmk

2.5.0b1 < 2.5.0b2 2.4.0 < 2.4.0p25

References

NVD ↗ CVE.org ↗ EPSS Data ↗

checkmk.com: https://checkmk.com/werk/18989

Credits

🔍 PS Positive Security GmbH