Security Advisory

CVE-2026-23924

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-24 18:30:00

Last updated 2026-03-25 19:25:38

Assigner Zabbix

State PUBLISHED

Description

Zabbix Agent 2 Docker plugin does not properly sanitize the docker.container_info parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API.

← Browse all CVEs View on cve.org ↗