Ecosystem	Package	Version

Vulnerabilities

CVE-2025-34283

CVE-2025-34283

Nagios XI versions prior to 2024R1.4.2 revealed API keys to users who were not authorized for API access when using Neptune themes. An authenticated user without API privileges could view another user's or their own API key value.

Published Nov 4, 2025

https://www.vulncheck.com/advisories/nagios-xi-api-key-disclosure-via-neptune-themes

CVSS ScoreMedium

6.5

Ecosystem	Package	Version


rpm	nagios	2.12-10.el4
rpm	nagios	2.12-10.el5
rpm	nagios	4.3.2-5.el6
rpm	nagios	4.3.2-8.el7
rpm	nagios	4.3.4-3.el7
rpm	nagios	4.3.4-4.el6
rpm	nagios	4.3.4-5.el7
rpm	nagios	4.3.4-7.el6
rpm	nagios	4.4.10-1.el9
rpm	nagios	4.4.14-1.el7
rpm	nagios	4.4.14-1.el9
rpm	nagios	4.4.14-3.el8
rpm	nagios	4.4.14-4.el9
rpm	nagios	4.4.3-1.el6
rpm	nagios	4.4.3-1.el7
rpm	nagios	4.4.3-3.el6
rpm	nagios	4.4.3-4.el7
rpm	nagios	4.4.3-7.el8
rpm	nagios	4.4.3-7.epel8.playground
rpm	nagios	4.4.5-1.el8
rpm	nagios	4.4.5-1.epel8.playground
rpm	nagios	4.4.5-3.epel8.playground
rpm	nagios	4.4.5-7.el7
rpm	nagios	4.4.6-1.el8
rpm	nagios	4.4.6-2.el7
rpm	nagios	4.4.6-3.el7
rpm	nagios	4.4.6-3.el8
rpm	nagios	4.4.6-4.el7
rpm	nagios	4.4.6-4.el8
rpm	nagios	4.4.6-6.el9
rpm	nagios	4.4.6-7.el9~bootstrap
rpm	nagios	4.4.8-1.el9
rpm	nagios	4.4.9-1.el7
rpm	nagios	4.4.9-1.el8
rpm	nagios	4.4.9-2.el9
rpm	nagios	4.5.9-1.el10_0
rpm	nagios	4.5.9-1.el10_1
rpm	nagios	3.5.1-1.el6
rpm	nagios-common	2.12-10.el4
rpm	nagios-common	2.12-10.el5
rpm	nagios-common	4.3.2-5.el6
rpm	nagios-common	4.3.2-8.el7
rpm	nagios-common	4.3.4-3.el7
rpm	nagios-common	4.3.4-4.el6
rpm	nagios-common	4.3.4-5.el7
rpm	nagios-common	4.3.4-7.el6
rpm	nagios-common	4.4.10-1.el9
rpm	nagios-common	4.4.14-1.el7
rpm	nagios-common	4.4.14-1.el9
rpm	nagios-common	4.4.14-3.el8

CVE-2025-34283 | Components Impacted | Sonatype Guide | Sonatype Guide