icinga
Latest CVEs
The 15 most recently published vulnerabilities affecting icinga.
- CVE-2026-42224ipl/web is vulnerable to reflected XSS by malformed search requests7.6
- CVE-2026-24413Icinga has insecure permission of %ProgramData%\icinga2\var on Windows5.5
- CVE-2025-61909Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user4.4
- CVE-2025-61908Icinga 2 Denial of Service (DoS) By Dereferencing Invalid Reference6.5
- CVE-2025-61907Icinga 2 API users could access restricted values in filter expressions6.5
- CVE-2025-61789Icinga DB Web hidden/protected custom variables are prone to filter enumeration5.3
- CVE-2025-53840Icinga DB Web Exposure of Sensitive Information to an Unauthorized Actor vulnerability2.4
- CVE-2025-48057Icinga 2 certificate renewal might incorrectly renew an invalid certificate9.8
- CVE-2025-30164Icinga Web 2 has open redirect on login page4.1
- CVE-2025-27609Icinga Web 2 Vulnerable to Reflected XSS5.4
- CVE-2025-27406Icinga Reporting Stored XSS leads to SSRF7.6
- CVE-2025-27405Icinga Web 2 has XSS in embedded content7.6
- CVE-2025-27404Icinga Web 2 DOM-based XSS vulnerability7.6
- CVE-2025-23203Icinga has rest API endpoints accessible to restricted users5.5
- CVE-2024-49369Icinga 2 has a TLS Certificate Validation Bypass for JSON-RPC and HTTP API Connections9.8