Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / nagios

nagios

301 tracked vulnerabilities.

CVE-2026-2043 HIGH

Nagios Host - Command Injection RCE

CVE-2026-2042 HIGH

Nagios Host - Command Injection RCE

CVE-2026-2041 HIGH

Nagios Host - Command Injection RCE

CVE-2025-67255 HIGH

Nagios XI 2026R1.0.1 - Authenticated SQL Injection via Dashboard Parameters

CVE-2025-67254 HIGH

Nagios XI 2026R1.0.1 - Path Traversal via coreconfigsnapshots.php

CVE-2025-34288 MEDIUM

Nagios XI < 2026R1.1 - Local Privilege Escalation via Sudo and Writable PHP Include

CVE-2025-34323 HIGH

Nagios Log Server < 2026R1.0.1 - Local Privilege Escalation via Sudo Misconfiguration and Group-Writable Scripts

CVE-2025-34322 HIGH

Nagios Log Server < 2026R1.0.1 - Authenticated OS Command Injection via Natural Language Queries

CVE-2025-34298 HIGH

Nagios Log Server < 2024R1.3.2 - Privilege Escalation via Email Change Workflow

CVE-2025-34287 HIGH

Nagios XI < 2024R2 - Local Privilege Escalation via Improperly Owned process_perfdata.pl Script

CVE-2025-34286 HIGH

Nagios XI < 2026R1 - Authenticated Remote Code Execution via Core Config Manager Run Check Command

CVE-2025-34284 HIGH

Nagios XI < 2024R2 - Authenticated OS Command Injection via WinRM Plugin

CVE-2025-34283 MEDIUM

Nagios XI <2024R1.4.2 - Info Disclosure

CVE-2025-34280 HIGH

Nagios Network Analyzer < 2024R2.0.1 - Authenticated Remote Code Execution via LDAP Certificate Removal

CVE-2025-34278 MEDIUM

Nagios Network Analyzer < 2024 - Stored Cross-Site Scripting in Source Groups Percentile Calculator Menu

CVE-2025-34277 CRITICAL

Nagios Log Server < 2024R1.3.1 - Remote Code Execution via Malformed Dashboard ID

CVE-2025-34274 CRITICAL

Nagios Log Server <2024R2.0.3 - Privilege Escalation

CVE-2025-34273 MEDIUM

Nagios Log Server < 2024R2.0.3 - Incorrect Authorization for Global Dashboard Deletion

CVE-2025-34272 MEDIUM

Nagios Log Server < 2024R2.0.3 - Unauthorized Information Exposure via Default Dashboard Fallback

CVE-2025-34271 CRITICAL

Nagios Log Server < 2024R2.0.2 - Cleartext Transmission of Sensitive Credentials via Cluster Manager

CVE-2025-34270 MEDIUM

Nagios Log Server < 2024R2.0.2 - Insufficiently Protected Credentials in AD/LDAP User Import

CVE-2025-34135 MEDIUM

Nagios XI < 2024R1.4.2 - Overly Permissive Systemd Unit File Permissions

CVE-2025-34134 HIGH

Nagios XI < 2024R1.4.2 - Authenticated Remote Code Execution via BPI Configuration Parameters

CVE-2025-60425 HIGH

Nagios Fusion <2024R2 - Session Hijacking

CVE-2025-60424 HIGH

Nagios Fusion <2024R2 - Auth Bypass

Page 1 of 13 Next

Products

nagios_xi 192 nagios 37 log_server 23 fusion 19 network_analyzer 7 nagios_core 5 XI 3 incident_manager 3 plugins 3 remote_plug_in_executor 3 Log Server 2 Nagios XI 2 favorites 2 nagios_cross_platform_agent 2 business_process_intelligence 1 nagios_network_analyzer 1 nagios_xi_docker_wizard 1 nagios_xi_switch_wizard 1 nagios_xi_watchguard_wizard 1 ndoutils 1 remote_plugin_executor 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy