Vulnerability in Icinga Icinga2

CVE-2025-61909

Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script (also used during systemctl reload icinga2) and logrotate configuration shipped with Icinga 2 read the PID of the main…

EPSS: 0.000 (8.1th percentile) — read the EPSS interpretation.

Affected products

Icinga Icinga2 — versions >=2.10.0, < 2.13.13, >=2.14.0, < 2.14.7, >=2.15.0, < 2.15.1

Weakness classification (CWE)

CWE-250

References

https://github.com/Icinga/icinga2/security/advisories/GHSA-pg6g-g99v-mw46 (x_refsource_CONFIRM)
https://github.com/Icinga/icinga2/issues/10527 (x_refsource_MISC)
https://github.com/Icinga/icinga2/commit/51ec73cbd922a76fc0f60e1d8d33acd7caa5d587 (x_refsource_MISC)
https://icinga.com/blog/releasing-icinga-2-v2-15-1-2-14-7-and-2-13-13-and-icinga-db-web-v1-2-3-and-1-1-4 (x_refsource_MISC)