Frontend

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-49643 MEDIUM PATCH This Month

An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.

PHP Denial Of Service Ubuntu Debian Frontend +1
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-27232 MEDIUM PATCH This Month

An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.

SSRF Ubuntu Debian Frontend Redhat +1
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-49643
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.

PHP Denial Of Service Ubuntu +3
NVD
CVE-2025-27232
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.

SSRF Ubuntu Debian +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy