Livestatus injection in the monitoring quicksearch in...
Moderate severity
Unreviewed
Published
Apr 10, 2026
to the GitHub Advisory Database
•
Updated Apr 20, 2026
Description
Published by the National Vulnerability Database
Apr 10, 2026
Published to the GitHub Advisory Database
Apr 10, 2026
Last updated
Apr 20, 2026
Livestatus injection in the monitoring quicksearch in Checkmk <2.5.0b4 allows an authenticated attacker to inject livestatus commands via the search query due to insufficient input sanitization in search filter plugins.
References