{
  "modified": "2025-09-15T15:21:42Z",
  "published": "2025-09-12T11:15:31Z",
  "id": "CVE-2025-27234",
  "details": "Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution.",
  "references": [
    {
      "type": "WEB",
      "url": "https://support.zabbix.com/browse/ZBX-26985"
    }
  ]
}