Checkmk Vulnerabilities
Comprehensive security vulnerability database for Checkmk products
3
0
3
1
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-24097 | 5.3 | This vulnerability allows an attacker who is already logged into Checkmk to find out details about existing hosts by looking at different responses from the system. It occurs because the system doesn't properly check permissions, making it easier for these users to access sensitive information. | checkmkcheckmk | Exploit Available | 25 days agoMar 13, 2026 |
| CVE-2026-3103 | 5.3 | A low-privileged user can exploit a flaw in Checkmk to unintentionally delete important data. This issue affects specific older versions of the software, so users running those versions should update to avoid potential data loss. | checkmkcheckmk | Exploit Available | about 1 month agoMar 4, 2026 |
| CVE-2025-64999 | 7.3 | This vulnerability allows an attacker to inject malicious JavaScript into the monitoring logs of Checkmk, which can then be accessed through a specially crafted phishing link. To exploit this, the attacker needs to manipulate the output from a monitored host, making it essential for them to have some level of access to the system. | checkmkcheckmk | Exploit Available | about 1 month agoFeb 26, 2026 |
About Checkmk Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Checkmk products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.