- What is the Zabbix CNA?
- Zabbix is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 72 CVE records since 2022.
- How many CVEs has Zabbix published?
- Zabbix has published 72 CVE records, including 39 in the last two years.
- What is Zabbix's CVE data quality grade?
- RadicalNotion.AI grades Zabbix's CVE data quality as A, with an overall completeness score of 99.7%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (98.6%) information.
- What products does Zabbix publish CVEs for?
- Zabbix most frequently publishes CVEs for Zabbix, Frontend, fedora, debian linux, Zabbix Server.
- Which vendors does Zabbix cover?
- Zabbix publishes CVEs across 2 distinct vendors, most often Zabbix, fedoraproject, debian, microsoft.
- Is Zabbix actively publishing CVEs?
- Zabbix is currently active, based on 39 CVEs in the last two years.
- What is the average severity of Zabbix's CVEs?
- The average CVSS base score across Zabbix's scored CVEs is 5.7.
- How many critical CVEs has Zabbix published?
- Zabbix has published 15 critical-severity CVEs and 23 high-severity CVEs.
- Are any of Zabbix's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- Yes. 2 of Zabbix's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
- What are the most common weakness types in Zabbix's CVEs?
- Zabbix's CVEs most often map to these CWE weakness types: CWE-20 (Improper Input Validation), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-94 (Improper Control of Generation of Code ('Code Injection')).
- How does Zabbix rank among CNAs?
- By total CVE volume, Zabbix ranks #141 of 370 CNAs, and it reports more complete CVE records than 57% of all CNAs.