Browse all 83 CVE security advisories affecting Zabbix. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zabbix is an enterprise-class open-source monitoring solution designed for real-time observation of IT infrastructure, including servers, networks, and applications. Its architecture relies on a central server, database, and agents to collect performance metrics and trigger alerts. Historically, the platform has been associated with eighty-three recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving SQL injection, cross-site scripting, and remote code execution flaws. These issues often stem from insufficient input validation within the web interface or improper access controls in API endpoints. While the software itself is robust, its complexity in deployment can introduce configuration weaknesses. Notable incidents have highlighted risks related to privilege escalation and unauthorized data access, emphasizing the need for rigorous patch management. Security audits frequently recommend disabling unused modules and enforcing strict network segmentation to mitigate potential exploitation vectors inherent in its extensive feature set.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-2824 | Zabbix security vulnerability — Zabbix Server | 9.8 | - | 2017-05-24 |

This page lists every published CVE security advisory associated with Zabbix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.