CVSS: 6.5 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2025-49643 – Frontend DoS vulnerability due to asymmetric resource consumption
https://notcve.org/view.php?id=CVE-2025-49643
01 Dec 2025 — An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service. • https://support.zabbix.com/browse/ZBX-27284 • CWE-405: Asymmetric Resource Consumption (Amplification)
CVSS: 5.8 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2025-49642 – Agent builds for AIX vulnerable to library loading hijacking
https://notcve.org/view.php?id=CVE-2025-49642
01 Dec 2025 — Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory. • https://support.zabbix.com/browse/ZBX-27283 • CWE-426: Untrusted Search Path
CVSS: 5.3 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2025-49641 – Insufficient permission check for the problem.view.refresh action
https://notcve.org/view.php?id=CVE-2025-49641
03 Oct 2025 — A regular Zabbix user with no permission to the Monitoring -> Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems. • https://support.zabbix.com/browse/ZBX-27063 • CWE-863: Incorrect Authorization
CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 2 • CVE-2025-27237 – DLL injection in Zabbix Agent and Agent 2 via OpenSSL configuration
https://notcve.org/view.php?id=CVE-2025-27237
03 Oct 2025 — In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL. • https://packetstorm.news/files/id/214429 • CWE-427: Uncontrolled Search Path Element
CVSS: 6.5 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2025-27236 – User information disclosure via api_jsonrpc.php on method user.get with param search
https://notcve.org/view.php?id=CVE-2025-27236
03 Oct 2025 — A regular Zabbix user can search other users in their user group via the Zabbix API by selecting fields the user does not have access to view. This allows data-mining some field values the user does not have access to. • https://support.zabbix.com/browse/ZBX-27060 • CWE-863: Incorrect Authorization
CVSS: 9.1 • EPSS: 0% • CPEs: 4 • EXPL: 0 • CVE-2025-27231 – LDAP 'Bind password' field value can be leaked by a Zabbix Super Admin
https://notcve.org/view.php?id=CVE-2025-27231
03 Oct 2025 — The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change. • https://support.zabbix.com/browse/ZBX-27062 • CWE-522: Insufficiently Protected Credentials
CVSS: 9.8 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2025-27240 – Second-order SQL injection in Zabbix Server when deleting an autoregistered host
https://notcve.org/view.php?id=CVE-2025-27240
12 Sep 2025 — A Zabbix administrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field. • https://support.zabbix.com/browse/ZBX-26986 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSS: 5.7 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2025-27233 – Zabbix Agent 2 smartctl plugin argument injection in Zabbix 6.0 and later
https://notcve.org/view.php?id=CVE-2025-27233
12 Sep 2025 — The Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system. • https://support.zabbix.com/browse/ZBX-26987 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVSS: 7.5 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2024-45700 – DoS vulnerability due to uncontrolled resource exhaustion
https://notcve.org/view.php?id=CVE-2024-45700
02 Apr 2025 — Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading to a service crash. • https://support.zabbix.com/browse/ZBX-26253 • CWE-770: Allocation of Resources Without Limits or Throttling
CVSS: 7.5 • EPSS: 0% • CPEs: 3 • EXPL: 0 • CVE-2024-45699 – Reflected XSS vulnerability in /zabbix.php?action=export.valuemaps
https://notcve.org/view.php?id=CVE-2024-45699
02 Apr 2025 — The endpoint /zabbix.php?action=export.valuemaps suffers from a Cross-Site Scripting vulnerability via the backurl parameter. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload may be injected into the above endpoint, causing it to be executed within the context of the victim's browser. • https://support.zabbix.com/browse/ZBX-26254 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
