Home > Vulnerability Database > CVE-2025-32916

Mend.io Vulnerability Database

CVE-2025-32916

Good to know:

Date: October 9, 2025

Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions <2.4.0p13, <2.3.0p38, <2.2.0p46, and 2.1.0 (EOL) may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as browser history or web server logs.

Severity Score

2.8

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-32916

Url: https://checkmk.com/werk/17105

Url: https://www.mend.io/vulnerability-database/CVE-2025-32916

Severity Score

2.8

Weakness Type (CWE)

Use of GET Request Method With Sensitive Query Strings

CWE-598

Top Fix

Upgrade Version

Upgrade to version https://github.com/Checkmk/checkmk.git - v2.2.0p46;https://github.com/Checkmk/checkmk.git - v2.3.0p38;https://github.com/Checkmk/checkmk.git - v2.4.0p13

Learn More

CVSS v3.1

Base Score:	2.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-32916

Good to know:

Date: October 9, 2025

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?