Blog Entries

07. 07. 2026 Patrick Harasser Bug Fixes, NetEye

NetEye 4 – Security Advisory (Icinga 2)

Important: Icinga 2 security update Type/Severity NetEye Product Security has rated this update as having a critical security impact. Topic An update for the icinga package is now available for NetEye 4. Security Fix for NetEye 4.48 Summary The vulnerabilities include an authentication bypass leading to privilege escalation via trusted CA impersonation, a stack-based buffer overflow, and an…

Read More
07. 07. 2026 Gabriele Bocchi Bug Fixes, NetEye

NetEye 4 – Security Advisory (Elastic Stack)

Important: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a Medium security impact. Topic An update for the Kibana package is now available for NetEye 4. Security Fix for NetEye 4.48 CVEs All of the 3 CVEs are Denial of Service vulnerabilities that affect Kibana, within the Elastic Stack. Affected Products All…

Read More
01. 07. 2026 Gabriele Bocchi Bug Fixes, NetEye

Bug Fixes for NetEye 4.48

Fix Geo Map layers and maps deletion. We have resolved an issue in the Geo Map module that prevented users from deleting maps and layers through the web interface. List of updated packages To solve the issue mentioned above, the following packages have been updated for NetEye 4.48:

Read More
24. 06. 2026 Gabriele Bocchi Bug Fixes, NetEye

NetEye 4 – Security Advisory (GLPI)

Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the glpi packages is now available for NetEye 4. Security Fix for NetEye 4.48 Summary The vulnerabilities include two SQL injections, an Arbitrary file deletion, a Privilege Escalation via authtype API manipulation, an Unauthorized debug mode…

Read More
24. 06. 2026 Gabriele Bocchi Bug Fixes, NetEye

Bug Fixes for NetEye 4.48

Fix SLM Reports generation with Object Filter on service custom variables. We have resolved an issue that caused SLM Reports generation to fail when the report was based on a contract whose Object Filter contained expressions on service custom variables (e.g., service.vars.service_system_service~true). The error prevented users from generating or viewing SLM reports for contracts using…

Read More
23. 06. 2026 Damiano Chini Bug Fixes, NetEye

NetEye 4 – Security Advisory (Grafana)

Important: Grafana security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the grafana packages is now available for NetEye 4. Security Fix for NetEye 4.48 Summary A Grafana Editor can overwrite a dashboard not owned by them to acquire admin permission on that specific dashboard. The user…

Read More
12. 06. 2026 Davide Zeni Bug Fixes, NetEye

Bug Fixes for NetEye 4.47

Fix: monitoring links from the Event Overview When opening a link from the Event Overview page, the monitoring URL was supposed to be translated into the corresponding IcingaDB link. The translation was only handled on a simple click, though, so opening the link in a new tab or window (middle-click, Ctrl/Cmd+click, context menu) left the…

Read More
11. 06. 2026 Cecilia Marchi Bug Fixes, NetEye

Bug Fixes for NetEye 4.48

Improve visibility of Feature command state icons Feature command state icons and captions were difficult to see against the white background in the UI. To improve readability and accessibility, we updated the icon and caption colors to provide stronger contrast and better visibility. List of updated packages To solve the issue mentioned above, the following…

Read More
04. 06. 2026 Gabriele Bocchi Bug Fixes, NetEye

NetEye 4 – Security Advisory (Keycloak)

Important: Keycloak security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the keycloak packages is now available for NetEye 4. Security Fix for NetEye 4.48 Summary This vulnerability allows an attacker with a valid signed SAML assertion to inject a malicious encrypted assertion into an unsigned SAML…

Read More
03. 06. 2026 Luigi Miazzo Bug Fixes, NetEye

Bug Fixes for NetEye 4.48

Fix HEAD HTTP method not supported We resolved a compatibility issue affecting HEAD requests to NetEye endpoints. These requests could previously time out because the method was not fully supported by the underlying architecture. As a result, some procedures could fail, including the creation of connectors from the Kibana UI. List of updated packages To…

Read More
27. 05. 2026 Gabriele Bocchi Bug Fixes, NetEye

Bug Fixes for NetEye 4.47

Fix IcingaDB password file sync on all cluster nodes. We have resolved an issue that caused an IcingaDB password file to be present only on one node in a cluster installation. This could lead to failures during NetEye updates and upgrades. List of updated packages To solve the issue mentioned above, the following packages have…

Read More
30. 04. 2026 Luca Tecchio Bug Fixes, NetEye

NetEye 4 – Security Advisory (GLPI)

Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the glpi packages is now available for NetEye 4. Security Fix for NetEye 4.47 Summary The vulnerabilities include two Stored XSS, an Arbitrary file deletion, an Arbitrary item deletion, Arbitrary files access and two unauthorized actions….

Read More
24. 04. 2026 Davide Zeni Bug Fixes, Front-end, NetEye

Bug Fixes for NetEye 4.47

Node export in the Tornado Processing Tree was broken on Firefox The bug was caused by a divergence between Firefox and Chrome in blob handling with CSP. Issue resolved, behavior is now consistent across both browsers. List of updated packages To solve the issues mentioned above, the following packages have been updated: icingaweb2-module-tornado-3.2.3-1, icingaweb2-module-tornado-autosetup-3.2.3-1, icingaweb2-module-tornado-configurator-3.2.3-1

Read More
16. 04. 2026 Davide Zeni Bug Fixes, Front-end, NetEye

Bug Fixes for NetEye 4.47

Processing Tree Rendering Issue We shipped a fix for a rendering bug in the Tornado UI Processing Tree. Under specific conditions, navigating back to the dashboard after expanding tree nodes caused the tree to render incorrectly nodes would appear collapsed, misaligned, or in a broken state. List of updated packages To solve the issues mentioned…

Read More
15. 04. 2026 Davide Zeni Bug Fixes, Icinga Web 2, NetEye

Bug Fixes for NetEye 4.47

Role Search Now Works in Access Control We’ve fixed the search functionality in the Roles view under Configuration – Access Control, so you can now find roles instantly without any errors. List of updated packages To solve the issues mentioned above, the following packages have been updated: icingaweb2-2.12.4_neteye1.155.2-1, icingaweb2-autosetup-2.12.4_neteye1.155.2-1 icingaweb2-configurator-2.12.4_neteye1.155.2-1

Read More

Archive