CVE-2025-39665
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames.
CVE-2024-47090
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to XSS
CVE-2024-38866
Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection