Browse all 3 CVE security advisories affecting Nagios Enterprises. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nagios Enterprises develops IT infrastructure monitoring software that detects system failures and security anomalies. Historically, its products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and authentication flaws. While no major public security incidents have been widely documented, the three CVEs on record highlight potential risks in web interfaces and configuration management. The platform's extensive monitoring capabilities provide security teams with visibility into system health but require regular patching to address identified vulnerabilities. Its open-source core has undergone extensive community scrutiny, while the enterprise version offers additional support and features for complex deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-34288 | Nagios XI Privilege Escalation via Writable PHP Include Executed with Sudo — Nagios XICWE-732 | 7.8AI | HighAI | 2025-12-16 |
| CVE-2012-10029 | Nagios XI Network Monitor Graph Explorer Component < 1.3 Authenticated Command Injection — Nagios XI Graph ExplorerCWE-78 | 8.8AI | HighAI | 2025-08-05 |
| CVE-2016-8641 | Nagios 后置链接漏洞 — nagiosCWE-59 | 7.8 | - | 2018-08-01 |
This page lists every published CVE security advisory associated with Nagios Enterprises. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.