Zabbix is an enterprise open-source monitoring solution for networks and applications. It is designed to monitor and track the status of various network services, servers, and other network hardware.

Zabbix Server

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

Host and event action script input is validated with a regex (set by the administrator), but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-23921	HIGH	8.7	Zabbix Server	cpe:2.3:a:zabbix:zabbix	No	Yes	Mar 24, 2026
CVE-2026-23920	HIGH	7.7	Zabbix Server	zabbix	No	Yes	Mar 24, 2026
CVE-2026-23919	HIGH	7.1	Zabbix Server	zabbix	No	Yes	Mar 24, 2026
CVE-2026-23923	MEDIUM	6.9	Zabbix Server	cpe:2.3:a:zabbix:zabbix	No	No	Mar 24, 2026
CVE-2026-23924	MEDIUM	6.1	Zabbix Server	cpe:2.3:a:zabbix:zabbix	No	No	Mar 24, 2026

CVE-2026-23920:
Zabbix Server vulnerability analysis and mitigation

7.7

Related Zabbix Server vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-23920: Zabbix Server vulnerability analysis and mitigation