← Back to CVEs
CVE-2026-23923
N/ADescription
An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.
CVE Details
CVSS v3.1 ScoreN/A
Published3/24/2026
Last Modified3/25/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-470
References
https://support.zabbix.com/browse/ZBX-27641(security@zabbix.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.