Vulnerabilities

CVE-2025-64999

by Fred · 26/02/2026

Improper neutralization of input in Checkmk versions 2.4.0 before 2.4.0p22, and 2.3.0 before 2.3.0p43 allows an attacker that can manipulate a host’s check output to inject malicious JavaScript into the Synthetic Monitoring HTML logs, which can then be accessed via a crafted phishing link.

More information : https://checkmk.com/werk/19238

Similar

Tags: Cybersecurity Alert