CVE-2026-23923

Vulnerability Description

An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.

Related Weaknesses (CWE)

CWE-470

References

https://support.zabbix.com/browse/ZBX-27641

FAQ

What is CVE-2026-23923?

CVE-2026-23923 is a documented vulnerability. An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.

How severe is CVE-2026-23923?

CVSS scoring is not yet available for CVE-2026-23923. Check NVD for updates.

Is there a patch for CVE-2026-23923?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.