What is the CVSS score of CVE-2026-2042?

CVE-2026-2042 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 2.2%.

Which versions of Nagios Xi are affected by CVE-2026-2042?

Nagios Host monitoring infrastructure is vulnerable to unauthenticated remote code execution with a CVSS score of 8.8, allowing attackers to gain full system control without a patch currently…

How to fix or mitigate CVE-2026-2042?

Within 24 hours: Inventory all Nagios Host installations and assess exposure to untrusted networks; isolate affected systems to restricted network access only. Within 7 days: Implement network segmentation and WAF rules to restrict access to Nagios interfaces; disable the monitoring wizard component if operationally feasible. Within 30 days: Monitor vendor channels for patch availability; evaluate alternative monitoring solutions; implement enhanced logging and intrusion detection signatures for exploitation attempts.

Nagios Xi CVE-2026-2042

HIGH

OS Command Injection (CWE-78)

2026-02-20 zdi-disclosures@trendmicro.com

RCE Command Injection Nagios Xi

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:04 vuln.today

CVE Published

Feb 20, 2026 - 23:16 nvd

HIGH 8.8

DescriptionCVE.org

Nagios Host monitoringwizard Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability.

The specific flaw exists within the monitoringwizard module. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-28245.

AnalysisAI

Remote code execution in Nagios Xi's monitoringwizard module allows authenticated attackers to execute arbitrary commands through insufficient input validation in system calls. An attacker with valid credentials can exploit this command injection vulnerability to gain code execution with service account privileges on affected installations. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate to Nagios Host

Delivery

Access monitoringwizard module

Exploit

Inject malicious payload in user input

Execution

Execute arbitrary system command

Impact

Gain code execution as service account

Access

Authenticate to Nagios Host

Delivery

Access monitoringwizard module

Exploit

Inject malicious payload in user input

Execution

Execute arbitrary system command

Impact

Gain code execution as service account

Vulnerability AssessmentAI

Exploitation	Valid authentication credentials required. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 8.8 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	A remote attacker could exploit this vulnerability to execute arbitrary code on affected installations of Nagios Host.
Remediation	Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Nagios Host installations and assess exposure to untrusted networks; isolate affected systems to restricted network access only. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-2042 vulnerability details – vuln.today

Back

Nagios Xi CVE-2026-2042

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code