16. 01. 2026 Gabriele Bocchi Bug Fixes, NetEye

NetEye 4 – Security Advisory (Elastic Stack)

Important: Elastic Stack security update

Type/Severity

NetEye Product Security has rated this update as having a High security impact.

Topic

An update for the elastic-stack packages (elasticsearch, kibana, filebeat, logstash and elastic-agent) is now available for NetEye 4.

Security Fix for NetEye 4.45

  • 9.2.4_neteye3.88.10-1

CVEs

  1. CVE-2025-66566
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  2. CVE-2026-0532
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  3. CVE-2026-0543
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  4. CVE-2026-0531
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  5. CVE-2026-0530
    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  6. CVE-2026-0529
    CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  7. CVE-2026-0528
    CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The CVEs include an Information Disclosure vulnerability, a Server-Side Request Forgery and 5 Denial of Service vulnerabilities.

For a detailed overview of the security issues, including the impact, CVSS score, acknowledgments, and other relevant information, please refer to the links provided in the references section.

For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section in the User Guide.

Affected Products

All NetEye 4.x versions >= 4.8

References

Gabriele Bocchi

Gabriele Bocchi

Software Engineer - IT System & Service Management Solutions at Würth IT Italy

Author

Gabriele Bocchi

Software Engineer - IT System & Service Management Solutions at Würth IT Italy

Latest posts by Gabriele Bocchi

04. 06. 2026 Bug Fixes, NetEye
NetEye 4 – Security Advisory (Keycloak)
27. 05. 2026 Bug Fixes, NetEye
Bug Fixes for NetEye 4.47
27. 03. 2026 Automation, Development, DevOps, NetEye
From Private to Public: Building a Secure GitHub Organization
18. 12. 2025 Automation, Development, NetEye
From Patch to Package: How a Small Fix Becomes a Trusted RPM
30. 09. 2025 Automation, Development, DevOps
How to Set Up Safe, Automatic Dependency Updates in Your Projects
See All

Related Content

Tags: , , ,

12. 06. 2026 Bug Fixes, NetEye

Bug Fixes for NetEye 4.47

Fix: monitoring links from the Event Overview When opening a link from the Event Overview page, the monitoring URL was supposed to be translated into the corresponding IcingaDB link. The translation was only handled on a simple click, though, so Read More
11. 06. 2026 Bug Fixes, NetEye

Bug Fixes for NetEye 4.48

Improve visibility of Feature command state icons Feature command state icons and captions were difficult to see against the white background in the UI. To improve readability and accessibility, we updated the icon and caption colors to provide stronger contrast Read More
10. 06. 2026 Unified Monitoring

Transform Metrics into Alerts

Rarely has a title been more fitting: Transform metrics into alerts. It's not just a description of what the system does – it's also the exact name of the Elastic tool that makes it possible. Transforms, in their technical meaning, Read More
04. 06. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (Keycloak)

Important: Keycloak security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the keycloak packages is now available for NetEye 4. Security Fix for NetEye 4.48 26.6.2_neteye1.40.0-1 Summary This vulnerability allows an attacker Read More
03. 06. 2026 Bug Fixes, NetEye

Bug Fixes for NetEye 4.48

Fix HEAD HTTP method not supported We resolved a compatibility issue affecting HEAD requests to NetEye endpoints. These requests could previously time out because the method was not fully supported by the underlying architecture. As a result, some procedures could Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive