CVE-2024-36465

A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter.

Published Oct 10, 2025

https://github.com/CVEProject/cvelistV5/blob/main/cves/2024/36xxx/CVE-2024-36465.json https://support.zabbix.com/browse/ZBX-26257

CVSS ScoreHigh

8.8

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2024-36465

A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter.

Published Oct 10, 2025

https://github.com/CVEProject/cvelistV5/blob/main/cves/2024/36xxx/CVE-2024-36465.json https://support.zabbix.com/browse/ZBX-26257

CVSS ScoreHigh

8.8

No packages found

Try adjusting your search terms.

Ecosystem	Package	Version

No packages found

Try adjusting your search terms.

Find vulnerabilities. Fix fast with AI.

CVE-2024-36465

CVE-2024-36465

No packages found

No packages found