CVE-2026-33455

UNKNOWN 0.0

Livestatus injection in monitoring quicksearch

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

13th

Livestatus injection in the monitoring quicksearch in Checkmk <2.5.0b4 allows an authenticated attacker to inject livestatus commands via the search query due to insufficient input sanitization in search filter plugins.

CWE	CWE-140
Vendor	checkmk gmbh
Product	checkmk
Published	Apr 10, 2026
Last Updated	Apr 14, 2026

Stay Ahead of the Next One

Get instant alerts for checkmk gmbh checkmk

Be the first to know when new unknown vulnerabilities affecting checkmk gmbh checkmk are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Checkmk GmbH / Checkmk

2.5.0 < 2.5.0b4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

checkmk.com: https://checkmk.com/werk/17988