CVE-2026-33457 | Checkmk up to 2.3.0p46/2.4.0p25/2.5.0b3 Livestatus Command service name delimiter

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Checkmk up to 2.3.0p46/2.4.0p25/2.5.0b3. This impacts an unknown function of the component Livestatus Command Handler. Performing a manipulation of the argument service name results in improper neutralization of delimiters.

This vulnerability is known as CVE-2026-33457. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-33457 | Checkmk up to 2.3.0p46/2.4.0p25/2.5.0b3 Livestatus Command service name delimiter

Post correlati

CVE-2025-59799 | Artifex Ghostscript up to 10.05.1 gdevpdfm.c pdfmark_coerce_dest size stack-based overflow

CVE-2025-14107 | ZSPACE Q2C NAS up to 1.1.0210050 HTTP POST Request /v2/file/safe/status zfilev2_api.SafeStatus safe_dir command injection

CVE-2026-23534 | FreeRDP up to 3.20.x ClearCodec heap-based overflow

CVE-2024-44306 | Apple macOS up to 14.5 buffer overflow