CVE-2026-24096

CVSS Score & Metrics

Base Score

8.8 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

Insufficient permission validation on multiple REST API Quick Setup endpoints in Checkmk 2.5.0 (beta) before version 2.5.0b2 and 2.4.0 before version 2.4.0p25 allows low-privileged users to perform unauthorized actions or obtain sensitive information

Vulnerability Details

Published Date

April 01, 2026

Last Modified

April 07, 2026

CWE ID

CWE-280

Source

NVD

Vendor

Checkmk GmbH

Product

Checkmk

External References

https://checkmk.com/werk/18989

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment