| T | Key | Summary | Assignee | Reporter | P | Status | Resolution | Created | Updated | Due | Development |
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
ZBX-27759 | Agent 2 Oracle plugin TNS connection string injection via the 'service' parameter (CVE-2026-23927) |
Zabbix Support Team | Janis Nulle | 
|
Closed | Fixed | ||||
|
|
ZBX-27284 | Frontend DoS vulnerability due to asymmetric resource consumption (CVE-2025-49643) |
Zabbix Support Team | Janis Nulle |
|
Closed | Fixed | ||||
|
|
ZBX-27283 | Agent builds for AIX vulnerable to library loading hijacking (CVE-2025-49642) |
Zabbix Support Team | Janis Nulle |
|
Closed | Fixed | ||||
|
|
ZBX-27282 | Frontend arbitrary file read in oauth.authorize action (CVE-2025-27232) |
Zabbix Support Team | Janis Nulle |
|
Closed | Fixed | ||||
|
|
ZBX-27060 | Zabbix Support Team | Janis Nulle |
|
Closed | Fixed |