Nagios Xi · Nagios Xi · CVE-2025-67255
**Name of the Vulnerable Software and Affected Versions**
NagiosXI version 2026R1.0.1 build 1762361101
**Description**
Dashboard parameters in the software do not have sufficient filtering, which allows authenticated users to exploit a SQL Injection issue. The vulnerability allows unauthorized access to the database through crafted requests to the dashboard.
**Recommendations**
Apply proper filtering to dashboard parameters to prevent SQL Injection attacks.