CVE-2026-7765: CWE-863: Incorrect Authorization in Checkmk GmbH Checkmk
CVE-2026-7765 is an incorrect authorization vulnerability in Checkmk versions prior to 2. 5. 0p5 affecting the User Messages dashboard widget. It causes message-fetching endpoints to return the dashboard creator's personal messages instead of the viewer's. An attacker with knowledge of a valid public dashboard share token can exploit this to read the issuer's personal messages by sending requests to the endpoint, even if the User Messages widget is not present on the dashboard.
AI Analysis
Technical Summary
This vulnerability (CWE-863) in Checkmk <2.5.0p5 involves improper authorization checks in the User Messages dashboard widget. Specifically, the message-fetching endpoints do not verify the identity of the viewer correctly and return the dashboard creator's messages. This allows an attacker who knows a valid public dashboard share token to access personal messages of the dashboard issuer by directly querying the underlying endpoint, bypassing intended access controls.
Potential Impact
An attacker who obtains a valid public dashboard share token can read the personal messages of the dashboard creator. This leads to unauthorized disclosure of potentially sensitive information. The vulnerability does not require user interaction or elevated privileges and can be exploited remotely over the network. The CVSS 4.0 base score is 6.3, indicating a medium severity impact primarily due to information disclosure.
Mitigation Recommendations
Patch status is not yet confirmed — no official fix or patch is currently documented by the vendor. Users should monitor the Checkmk vendor advisories for updates and apply any forthcoming patches promptly. Until a fix is available, restrict access to public dashboard share tokens and avoid sharing them widely to reduce exposure.
CVE-2026-7765: CWE-863: Incorrect Authorization in Checkmk GmbH Checkmk
Description
CVE-2026-7765 is an incorrect authorization vulnerability in Checkmk versions prior to 2. 5. 0p5 affecting the User Messages dashboard widget. It causes message-fetching endpoints to return the dashboard creator's personal messages instead of the viewer's. An attacker with knowledge of a valid public dashboard share token can exploit this to read the issuer's personal messages by sending requests to the endpoint, even if the User Messages widget is not present on the dashboard.
CVSS v4.0
Score 6.3medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CWE-863) in Checkmk <2.5.0p5 involves improper authorization checks in the User Messages dashboard widget. Specifically, the message-fetching endpoints do not verify the identity of the viewer correctly and return the dashboard creator's messages. This allows an attacker who knows a valid public dashboard share token to access personal messages of the dashboard issuer by directly querying the underlying endpoint, bypassing intended access controls.
Potential Impact
An attacker who obtains a valid public dashboard share token can read the personal messages of the dashboard creator. This leads to unauthorized disclosure of potentially sensitive information. The vulnerability does not require user interaction or elevated privileges and can be exploited remotely over the network. The CVSS 4.0 base score is 6.3, indicating a medium severity impact primarily due to information disclosure.
Mitigation Recommendations
Patch status is not yet confirmed — no official fix or patch is currently documented by the vendor. Users should monitor the Checkmk vendor advisories for updates and apply any forthcoming patches promptly. Until a fix is available, restrict access to public dashboard share tokens and avoid sharing them widely to reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- Checkmk
- Date Reserved
- 2026-05-04T09:31:55.031Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a26bda8e29bf47b50e66000
Added to database: 6/8/2026, 1:03:36 PM
Last enriched: 6/8/2026, 1:18:59 PM
Last updated: 6/8/2026, 2:30:29 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.