SSH Key Exposure in Checkmk Remote Alert Handlers
CVE-2025-65000

2.3LOW

Key Information:

Vendor: Checkmk Gmbh
Status: Checkmk
Vendor: CVE Published:; 18 December 2025

🔔 Create Checkmk Gmbh Vulnerability Alert

What is CVE-2025-65000?

An issue has been identified in Checkmk where SSH private keys associated with the 'Remote alert handlers (Linux)' rule were inadvertently exposed within the HTML source of the rule page. This vulnerability affects Checkmk versions up to and including 2.4.0p18 and all versions of Checkmk 2.3.0, potentially allowing unauthorized access to trigger predefined alert handlers on relevant hosts.

Affected Version(s)

Checkmk 2.4.0 < 2.4.0p18

Checkmk 2.3.0

References

https://checkmk.com/werk/19030

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2025
Vulnerability Reserved
Nov 12, 2025

JSON