CVE-2025-65000 LOW

CVE-2025-65000: Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule

Vendor Checkmk Gmbh
Product Checkmk
Weakness CWE-212
Published December 18, 2025
Last update December 18, 2025

CVSS base score

2.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:L

What the vulnerability does

01Description

SSH private keys of the "Remote alert handlers (Linux)" rule were exposed in the rule page's HTML source in Checkmk <= 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed.

Key dates

02Disclosure timeline

December 18, 2025 CVE published
December 18, 2025 Record updated