CVE-2026-33455

Publication date 10 April 2026

Last updated 10 April 2026

Ubuntu priority

Medium

Why this priority?

Description

Livestatus injection in the monitoring quicksearch in Checkmk <2.5.0b4 allows an authenticated attacker to inject livestatus commands via the search query due to insufficient input sanitization in search filter plugins.

Status

Package Ubuntu Release Status
check-mk 25.10 questing Not in release
24.04 LTS noble Not in release
22.04 LTS jammy Not in release
18.04 LTS bionic
Needs evaluation
16.04 LTS xenial
Needs evaluation

References

Other references

Access our resources on patching vulnerabilities