CVE-2025-27238

Published: Sep 12, 2025

Modified: Sep 15, 2025

PUBLISHED

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them.

Vendor	Product	Versions
Zabbix	Zabbix	affected `7.0.0 - <= 7.0.13` affected `7.2.0 - <= 7.2.7`

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.