What is the CVSS score of CVE-2025-32918?

CVE-2025-32918 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.1%.

Which versions of Ubuntu are affected by CVE-2025-32918?

Organizations using autocomplete endpoint within the RestAPI of Checkmk face significant risk from CVE-2025-32918 rated CVSS 8.8.. A patch is available.

How to fix or mitigate CVE-2025-32918?

Within 7 days: Identify all affected systems running autocomplete endpoint within the RestAPI of Checkmk and apply vendor patches promptly. Monitor vendor channels for patch availability.

Ubuntu CVE-2025-32918

EUVD-2025-19936 HIGH

Improper Neutralization of Delimiters (CWE-140)

2025-07-04 security@checkmk.com

Code Injection Debian Ubuntu Checkmk

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

EUVD ID Assigned

Mar 16, 2026 - 02:42 euvd

EUVD-2025-19936

Analysis Generated

Mar 16, 2026 - 02:42 vuln.today

CVE Published

Jul 04, 2025 - 08:15 nvd

HIGH 8.8

DescriptionNVD

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.

AnalysisAI

A security vulnerability in autocomplete endpoint within the RestAPI of Checkmk (CVSS 8.8) that allows an authenticated user. High severity vulnerability requiring prompt remediation.

Technical ContextAI

Vulnerability type not specified by vendor. CVSS 8.8 indicates high severity. Affects autocomplete endpoint within the RestAPI of Checkmk.

RemediationAI

Monitor vendor channels for patch availability.

More from same product – last 7 days

CVE-2026-47269 HIGH This Week

7.4 May 27

Authentication-context bypass in pam_usb before 0.9.0 lets a person holding an enrolled USB device authenticate over SSH

CVE-2026-47271 MEDIUM This Month

5.1 May 27

pam_usb prior to 0.9.0 crashes under memory pressure due to assert()-based OOM guards in src/mem.c that are silently str

CVE-2026-45898 Awaiting Data

May 27

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removin

CVE-2026-45924 Awaiting Data

May 27

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbd_vfs_kern_path_end_removing() on s

CVE-2026-45965 Awaiting Data

May 27

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix invalid deref of rawdata when export_

Vendor StatusVendor

Ubuntu

Priority: Medium

check-mk

Release	Status	Version
xenial	needs-triage	-
bionic	needs-triage	-
jammy	DNE	-
noble	DNE	-
oracular	DNE	-
plucky	DNE	-
upstream	needs-triage	-
questing	DNE	-

Debian

check-mk

Release	Status	Fixed Version	Urgency
(unstable)	fixed	(unfixed)	-

CVE-2025-32918 vulnerability details – vuln.today

Back

Ubuntu CVE-2025-32918

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Vendor StatusVendor

Ubuntu

Debian

Share

External POC / Exploit Code