Oracle Database Credential Exposure in Zabbix Agent 2
CVE-2026-23927
5.1 MEDIUM
What is CVE-2026-23927?
The vulnerability allows a remote attacker to inject an Oracle TNS connection string through the 'service' parameter of Zabbix Agent 2. A user who is able to connect to Agent 2 may unintentionally cause it to establish a connection to a malicious server controlled by the attacker. This can leak Oracle database credentials, particularly when they are stored in a named session, which poses a significant risk in environments where sensitive data is handled.
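As an added example that is not part of this advisory or of Zabbix's own code: an allowlist check, written in Go because Agent 2 is a Go program, that a plugin could apply to the 'service' parameter before handing it to an Oracle driver, so that only a bare service name or SID is accepted and anything shaped like a TNS connect descriptor or an EZConnect host:port/service string is rejected. The function name ValidateService, the character allowlist and the sample inputs are assumptions constructed for this illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// servicePattern accepts only a bare Oracle service name or SID: a leading
// alphanumeric followed by letters, digits, dots, underscores or hyphens.
// The allowlist is an assumption; tighten it to match your naming scheme.
var servicePattern = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$`)

// ValidateService returns nil when s is safe to pass to the driver as a plain
// service name, and a descriptive error otherwise. Parentheses, '=', '/', ':'
// and '@' are rejected first because they are what turns a service name into a
// full connect descriptor or an EZConnect string that names a different host.
func ValidateService(s string) error {
	if s == "" {
		return fmt.Errorf("service name is empty")
	}
	if strings.ContainsAny(s, "()=/:@ \t\r\n") {
		return fmt.Errorf("service %q contains connect-descriptor syntax", s)
	}
	if !servicePattern.MatchString(s) {
		return fmt.Errorf("service %q is not a plain service name", s)
	}
	return nil
}

func main() {
	// Constructed inputs: one benign service name, one full TNS descriptor
	// and one EZConnect string, both pointing at a placeholder host.
	for _, s := range []string{
		"ORCLPDB1",
		"(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=db.example.invalid)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ORCL)))",
		"db.example.invalid:1521/ORCL",
	} {
		if err := ValidateService(s); err != nil {
			fmt.Println("reject:", err)
		} else {
			fmt.Println("accept:", s)
		}
	}
}
```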
Affected Version(s)
Zabbix 6.0.0 <= 6.0.44
Zabbix 7.0.0 <= 7.0.23
Zabbix 7.4.0 <= 7.4.7
CVSS V4
Score: 5.1
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Zabbix wants to thank kelsier from clocktwice.com for submitting this report on the HackerOne bug bounty platform.
