- How many CVEs does Nagios have?
- Nagios has 303 published CVE records since 2005, including 124 in the last two years.
- How many Nagios CVEs are in CISA KEV?
- Yes — 4 of Nagios's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which Nagios products have the most CVEs?
- The Nagios products with the most published CVEs are Nagios XI, XI, nagios, Log Server, Fusion.
- What are the most common weakness types in Nagios CVEs?
- Nagios's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-269 (Improper Privilege Management).
- Are there public exploits for Nagios vulnerabilities?
- Yes — 74 of Nagios's CVEs have a known public exploit.
- How many critical Nagios vulnerabilities are there?
- Nagios has 55 critical and 101 high-severity CVEs.
- What is the average severity of Nagios CVEs?
- The average CVSS base score across Nagios's scored CVEs is 7.1.