Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-27236

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.0%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2025-27236
  • Zabbix » Zabbix » Version: 6.0.38
    cpe:2.3:a:zabbix:zabbix:6.0.38
  • Zabbix » Zabbix » Version: 6.0.39
    cpe:2.3:a:zabbix:zabbix:6.0.39
  • Zabbix » Zabbix » Version: 6.0.40
    cpe:2.3:a:zabbix:zabbix:6.0.40
  • Zabbix » Zabbix » Version: 7.0.10
    cpe:2.3:a:zabbix:zabbix:7.0.10
  • Zabbix » Zabbix » Version: 7.0.11
    cpe:2.3:a:zabbix:zabbix:7.0.11
  • Zabbix » Zabbix » Version: 7.0.12
    cpe:2.3:a:zabbix:zabbix:7.0.12
  • Zabbix » Zabbix » Version: 7.0.13
    cpe:2.3:a:zabbix:zabbix:7.0.13
  • Zabbix » Zabbix » Version: 7.0.14
    cpe:2.3:a:zabbix:zabbix:7.0.14
  • Zabbix » Zabbix » Version: 7.0.15
    cpe:2.3:a:zabbix:zabbix:7.0.15
  • Zabbix » Zabbix » Version: 7.0.16
    cpe:2.3:a:zabbix:zabbix:7.0.16
  • Zabbix » Zabbix » Version: 7.0.9
    cpe:2.3:a:zabbix:zabbix:7.0.9
  • Zabbix » Zabbix » Version: 7.2.10
    cpe:2.3:a:zabbix:zabbix:7.2.10
  • Zabbix » Zabbix » Version: 7.2.3
    cpe:2.3:a:zabbix:zabbix:7.2.3
  • Zabbix » Zabbix » Version: 7.2.4
    cpe:2.3:a:zabbix:zabbix:7.2.4
  • Zabbix » Zabbix » Version: 7.2.5
    cpe:2.3:a:zabbix:zabbix:7.2.5
  • Zabbix » Zabbix » Version: 7.2.6
    cpe:2.3:a:zabbix:zabbix:7.2.6
  • Zabbix » Zabbix » Version: 7.2.7
    cpe:2.3:a:zabbix:zabbix:7.2.7
  • Zabbix » Zabbix » Version: 7.2.8
    cpe:2.3:a:zabbix:zabbix:7.2.8
  • Zabbix » Zabbix » Version: 7.2.9
    cpe:2.3:a:zabbix:zabbix:7.2.9
  • Zabbix » Zabbix » Version: 7.4.0
    cpe:2.3:a:zabbix:zabbix:7.4.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved