{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33457", "assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f", "state": "PUBLISHED", "assignerShortName": "Checkmk", "dateReserved": "2026-03-20T10:30:13.353Z", "datePublished": "2026-04-10T08:31:35.768Z", "dateUpdated": "2026-04-10T12:47:24.094Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Checkmk", "vendor": "Checkmk GmbH", "versions": [{"lessThan": "2.5.0b4", "status": "affected", "version": "2.5.0", "versionType": "semver"}, {"lessThan": "2.4.0p26", "status": "affected", "version": "2.4.0", "versionType": "semver"}, {"lessThan": "2.3.0p47", "status": "affected", "version": "2.3.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "Livestatus injection in the prediction graph page in Checkmk <2.5.0b4, <2.4.0p26, and <2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value."}], "impacts": [{"capecId": "CAPEC-15", "descriptions": [{"lang": "en", "value": "CAPEC-15: Command Delimiters"}]}], "metrics": [{"cvssV4_0": {"baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "version": "4.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-140", "description": "CWE-140: Improper Neutralization of Delimiters", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f", "shortName": "Checkmk", "dateUpdated": "2026-04-10T08:31:35.768Z"}, "references": [{"url": "https://checkmk.com/werk/17990", "tags": ["vendor-advisory"]}], "title": "Potential livestatus injection in prediction graph page", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.5.0", "versionEndExcluding": "2.5.0b4"}, {"vulnerable": true, "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.4.0", "versionEndExcluding": "2.4.0p26"}, {"vulnerable": true, "criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.3.0", "versionEndExcluding": "2.3.0p47"}]}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-10T12:47:16.276874Z", "id": "CVE-2026-33457", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T12:47:24.094Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33457", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-10T12:47:16.276874Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-10T12:47:20.307Z"}}], "cna": {"title": "Potential livestatus injection in prediction graph page", "impacts": [{"capecId": "CAPEC-15", "descriptions": [{"lang": "en", "value": "CAPEC-15: Command Delimiters"}]}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"}}], "affected": [{"vendor": "Checkmk GmbH", "product": "Checkmk", "versions": [{"status": "affected", "version": "2.5.0", "lessThan": "2.5.0b4", "versionType": "semver"}, {"status": "affected", "version": "2.4.0", "lessThan": "2.4.0p26", "versionType": "semver"}, {"status": "affected", "version": "2.3.0", "lessThan": "2.3.0p47", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://checkmk.com/werk/17990", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Livestatus injection in the prediction graph page in Checkmk <2.5.0b4, <2.4.0p26, and <2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-140", "description": "CWE-140: Improper Neutralization of Delimiters"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.5.0b4", "versionStartIncluding": "2.5.0"}, {"criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.4.0p26", "versionStartIncluding": "2.4.0"}, {"criteria": "cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.3.0p47", "versionStartIncluding": "2.3.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f7d6281c-4801-44ce-ace2-493291dedb0f", "shortName": "Checkmk", "dateUpdated": "2026-04-10T08:31:35.768Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33457", "state": "PUBLISHED", "dateUpdated": "2026-04-10T12:47:24.094Z", "dateReserved": "2026-03-20T10:30:13.353Z", "assignerOrgId": "f7d6281c-4801-44ce-ace2-493291dedb0f", "datePublished": "2026-04-10T08:31:35.768Z", "assignerShortName": "Checkmk"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Livestatus injection in the prediction graph page in Checkmk <2.5.0b4, <2.4.0p26, and <2.3.0p47 allows an authenticated user to inject arbitrary Livestatus commands via a crafted service name parameter due to insufficient sanitization of the service description value."}], "id": "CVE-2026-33457", "lastModified": "2026-04-10T09:16:24.630", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security@checkmk.com", "type": "Secondary"}]}, "published": "2026-04-10T09:16:24.630", "references": [{"source": "security@checkmk.com", "url": "https://checkmk.com/werk/17990"}], "sourceIdentifier": "security@checkmk.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-140"}], "source": "security@checkmk.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[2.5.0,2.5.0b4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[2.4.0,2.4.0p26)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[2.3.0,2.3.0p47)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Checkmk", "source": "cna", "vendor": "Checkmk GmbH"}, "product": "checkmk", "vendor": "checkmk"}], "analysis": {"en": {"generated_at": "2026-04-10T09:20:37.425513+00:00", "value": {"mitigation_remediation": ["Upgrade Checkmk to version 2.5.0b4 or newer", "Confirm that the prediction graph page is no longer vulnerable after the update", "If an immediate upgrade is not possible, restrict authenticated user access and monitor for unusual Livestatus activity"], "summary": {"action": "Patch Now", "impact": "Command Injection"}, "threat_synthesis": {"affected_systems": "The affected product is Checkmk by Checkmk GmbH. Versions before 2.5.0b4, before 2.4.0p26, and before 2.3.0p47 are vulnerable. It specifically affects the prediction graph interface where service names are processed.", "description_and_impact": "The vulnerability arises from inadequate sanitization of the service description field on the prediction graph page, allowing an authenticated user to inject arbitrary Livestatus commands. This could let the attacker execute unintended commands within the Checkmk environment, potentially exposing sensitive monitoring data or manipulating the system\u2019s state, thereby compromising data integrity and confidentiality. The weakness aligns with a command injection attack.", "risk_and_exploitability": "The CVSS score of 5.3 indicates a moderate severity. EPSS data is unavailable, and the vulnerability is not listed in CISA\u2019s KEV catalog. The attack requires an authenticated Checkmk session and manipulation of the service name parameter; once achieved, arbitrary Livestatus commands can be executed. The risk of exploitation is moderate and depends on attacker access to a valid user account."}}}}, "created": "2026-04-10T09:26:21.555204+00:00", "updated": "2026-04-10T14:40:52.168378+00:00", "vendors": ["checkmk", "checkmk$PRODUCT$checkmk"]}