An update for the package lampod is now available for NetEye 4.
NetEye Product Security has rated this update as having a security impact of Important. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating.
Description
lampod is a NetEye package used for searching across the most important entities such as hosts, configurations etc.
An improper input validation causes Cross Site Scripting when the element is displayed in lampo navigation (CWE-79)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the links listed in the References section.
Solution
Update lampod to latest version (1.1.2-1).
For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section inside the User Guide.
Affected Products
All NetEye 4.x versions prior to and including 4.30
Fixing Misplaced Plugin Output in Icinga Web Interface When plugin output contained HTML content (like links), it was incorrectly displayed near the service name instead of in the Plugin Output section. The plugin output section now correctly renders all content. Read More
Icinga Director Now Responsive During Configuration Deployments Previously, users were unable to interact with Icinga Director while configuration deployments were running. Any attempt to access the interface or API would be blocked until the deployment completed, causing unnecessary delays in Read More
Important: Grafana security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the Grafana packages is now available for NetEye 4. Security Fix for NetEye 4.46 12.0.9_neteye3.29.1-1 CVEs CVE-2026-21720CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H The CVE is about Read More
Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the GLPI packages is now available for NetEye 4. Security Fix for NetEye 4.46 10.0.23_neteye1.17.5-1 CVEs CVE-2026-22044CVSS:Reserved CVE-2026-23624CVSS:Reserved The CVEs include Read More
Fix unnecessary action retries in Tornado's Smart Monitoring component We fixed a bug affecting Tornado in NetEye 4.45 for a specific edge case in Tornado's Smart Monitoring component that was causing unnecessary system overhead and log bloat. Specifically, when Tornado Read More
