
Werk #17988: Livestatus injection in monitoring quicksearch

Component: Core & setup
Title: Livestatus injection in monitoring quicksearch
Date: Mar 20, 2026
Level: Trivial Change
Class: Security Fix
Compatibility: Compatible - no manual interaction needed
Checkmk versions & editions:
* 2.6.0b1 (not yet released): Checkmk Community, Checkmk Pro, Checkmk Ultimate, Checkmk Cloud, Checkmk Ultimate MT
* 2.5.0b4: Checkmk Community, Checkmk Pro, Checkmk Ultimate, Checkmk Cloud, Checkmk Ultimate MT

Before this fix, the monitoring quicksearch did not properly sanitize user input in its search filter plugins, allowing a malicious, authenticated user to inject Livestatus commands via the search query.

With this fix, all user-supplied values are sanitized before being interpolated into Livestatus filter headers.
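Livestatus queries are line-based: each header sits on its own line and a blank line ends the query, so a value interpolated into a `Filter:` header must not carry line breaks. The following is an added example, not Checkmk's code or the actual patch; the helper names and the sample input are hypothetical and only illustrate raw interpolation next to a sanitized form.

```python
import re

# Hypothetical helpers for illustration; this is not Checkmk's implementation.
LINE_BREAKS = re.compile(r"[\r\n]")
COLUMN_NAME = re.compile(r"[a-z_]+")


def filter_header_unsafe(column: str, value: str) -> str:
    """'Before' pattern: the search term is interpolated as-is."""
    return f"Filter: {column} ~~ {value}\n"


def filter_header_safe(column: str, value: str) -> str:
    """Sanitized pattern: the value can no longer leave its header line."""
    # Column names come from code, but validate them anyway.
    if not COLUMN_NAME.fullmatch(column):
        raise ValueError(f"unexpected column name: {column!r}")
    # Removing CR/LF keeps the whole value inside this one Filter header.
    return f"Filter: {column} ~~ {LINE_BREAKS.sub('', value)}\n"


def build_query(table: str, columns: list[str], filter_header: str) -> str:
    """Assemble a query; the trailing blank line terminates it."""
    return f"GET {table}\nColumns: {' '.join(columns)}\n{filter_header}\n"


def header_lines(query: str) -> list[str]:
    """Non-empty lines of a query, as the line-based protocol separates them."""
    return [line for line in query.split("\n") if line]


# Constructed sample input: a search term containing a line break
# followed by text that looks like another header.
SAMPLE_TERM = "web\nLimit: 1"

if __name__ == "__main__":
    for build in (filter_header_unsafe, filter_header_safe):
        query = build_query("hosts", ["name"], build("name", SAMPLE_TERM))
        print(build.__name__, header_lines(query))
```

A regression test for a filter plugin can assert the same property: whatever the search term, the assembled query contains exactly the header lines the code intended.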

This issue was found during internal review.

Affected Versions:
* 2.5.0

Vulnerability Management:

We have rated the issue with a CVSS score of 5.3 (Medium) with the following CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N, and assigned CVE-2026-33455.
