{"id":"CVE-2026-23925","details":"An authenticated Zabbix user (User role) with template/host write permissions is able to create objects via the configuration.import API. This can lead to confidentiality loss by creating unauthorized hosts. Note that the User role is normally not sufficient to create and edit templates/hosts even with write permissions.","modified":"2026-07-15T06:01:17.749938Z","published":"2026-03-06T09:15:56.100Z","references":[{"type":"REPORT","url":"https://support.zabbix.com/browse/ZBX-27567"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zabbix/zabbix","events":[{"introduced":"5203d2ea7d901cd33d148f20586e2155901a7faa"},{"fixed":"40573c111594a4a96aee6c4670e4df252d278bb7"},{"introduced":"49955f1fb5c9168a8a24b053f7ade6b3d903143c"},{"fixed":"8b4aa26fa68942f084dffe7b3ee92240716668e1"},{"introduced":"372a4e93c48ecd25aa666949a055a02369031861"},{"fixed":"7aa4e0782fe054d939732d2a5fd76454c2048b7b"}],"database_specific":{"cpe":"cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"6.0.0"},{"fixed":"6.0.41"},{"introduced":"7.0.0"},{"fixed":"7.0.18"},{"introduced":"7.4.0"},{"fixed":"7.4.2"}],"source":"CPE_RANGE"}}],"versions":["7.0.18rc2","7.4.2rc2","7.0.18rc1","7.4.2rc1","6.0.41rc1","7.4.1","7.0.17","7.4.1rc1","7.0.17rc2","7.0.17rc1","7.0.15","7.0.16","7.4.0","7.0.14","7.0.14rc1","6.0.39","7.0.13","7.0.13rc1","6.0.40","7.0.12","7.0.12rc1","7.0.11","7.0.11rc2","7.0.11rc1","6.0.40rc1","7.0.10","7.0.10rc1","6.0.39rc1","6.0.38","7.0.9","7.0.9rc2","6.0.38rc1","7.0.9rc1","7.0.8","7.0.8rc2","7.0.8rc1","7.0.7","7.0.7rc1","7.0.6","7.0.6rc1","6.0.37","6.0.37rc1","6.0.36","6.0.36rc1","6.0.35","7.0.5","6.0.35rc1","7.0.5rc1","6.0.34","6.0.34rc2","7.0.4","7.0.4rc1","6.0.34rc1","7.0.3","6.0.33rc1","6.0.33","7.0.3rc1","7.0.2","7.0.2rc2","7.0.2rc1","7.0.1","7.0.1rc2","6.0.32","7.0.1rc1","6.0.32rc1","6.0.31","6.0.31rc1","7.0.0","6.0.30","6.0.30rc1","6.0.29","6.0.29rc1","6.0.28","6.0.28rc1","6.0.27rc1","6.0.27","6.0.26","6.0.26rc1","6.0.25","6.0.25rc1","6.0.23","6.0.23rc1","6.0.22","6.0.22rc1","6.0.21","6.0.21rc1","6.0.20","6.0.20rc1","6.0.19","6.0.19rc1","6.0.18rc1","6.0.18","6.0.17","6.0.17rc2","6.0.17rc1","6.0.16","6.0.16rc1","6.0.15","6.0.15rc2","6.0.15rc1","6.0.14","6.0.14rc2","6.0.14rc1","6.0.13","6.0.13rc1","6.0.12","6.0.12rc2","6.0.12rc1","6.0.11","6.0.11rc2","6.0.11rc1","6.0.10rc1","6.0.10","6.0.10rc2","6.0.9","6.0.9rc2","6.0.9rc1","6.0.8","6.0.8rc2","6.0.8rc1","6.0.7","6.0.1","6.0.7rc1","6.0.6","6.0.6rc1","6.0.5","6.0.5rc1","6.0.4","6.0.4rc1","6.0.3","6.0.3rc1","6.0.2","6.0.2rc1","6.0.1rc4","6.0.1rc3","6.0.1rc2","6.0.1rc1","6.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-23925.json","vanir_signatures_modified":"2026-07-15T06:01:17Z","vanir_signatures":[{"deprecated":false,"digest":{"line_hashes":["144105446701650039828489585829017102713","275017799864624664550842864247300158979","149435833977353296812343392589762127376","92344100815198855778332463837559580297","99369761891446466830579167326090115898","36294681310094952528409578829069555347"],"threshold":0.9},"id":"CVE-2026-23925-65615939","signature_type":"Line","signature_version":"v1","source":"https://github.com/zabbix/zabbix/commit/7aa4e0782fe054d939732d2a5fd76454c2048b7b","target":{"file":"src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"}},{"deprecated":false,"digest":{"line_hashes":["325917972473406897390570734654822558102","32125530311294618412795821730601240268","214429688795761123913020144086386275717","14426496466396500284409442427146005275","180304062375870730933102632908758537579","177053738308140582317940139342598434556"],"threshold":0.9},"id":"CVE-2026-23925-7cec23a1","signature_type":"Line","signature_version":"v1","source":"https://github.com/zabbix/zabbix/commit/8b4aa26fa68942f084dffe7b3ee92240716668e1","target":{"file":"src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"}},{"source":"https://github.com/zabbix/zabbix/commit/40573c111594a4a96aee6c4670e4df252d278bb7","target":{"file":"src/zabbix_java/src/com/zabbix/gateway/GeneralInformation.java"},"deprecated":false,"digest":{"line_hashes":["312614962226865881994625562760193464620","243857299040616033543277099011018562380","115047375198210276379139485775260446152","131652300589887294827463178296045152164","24451493220463986177515936334733341608","22616098638544051939022181165573400285"],"threshold":0.9},"id":"CVE-2026-23925-eda0a3f5","signature_type":"Line","signature_version":"v1"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}