Vulnerability in Checkmk Gmbh
CVE-2026-2859
Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL) allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deploy_agent endpoint…
EPSS: 0.001 (17.3th percentile) — read the EPSS interpretation.
Affected products
- Checkmk Gmbh — versions 2.4.0, 2.3.0, 2.2.0