
openITCOCKPIT Community Edition

openITCOCKPIT-5.5.2 Security

This release includes 1 security fix, relevant to security teams reviewing exposed deployments.

Published 1mo Monitoring & Metrics
This release patches 1 known CVE

Topics

monitoring monitoring-tool naemon nagios observability prometheus

Summary

AI summary

Fixes CVE-2026-24893, an authenticated command injection leading to remote code execution.

Full changelog

Changelog - openITCOCKPIT - 5.5.2

Security

  • Security: CVE-2026-24893 Authenticated Command Injection Leading to Remote Code Execution via Host Address Macro Expansion

Many thanks to @h00die-gr3y for responsibly disclosing these vulnerabilities to us.

Refactoring

  • Remove it-novum from openITCOCKPIT Monitoring Agent

New Features

  • add check_diskstats to openitcockpit-community-plugins package
  • EventcorrelationModule: Summary event correlations widget

Improvements

  • MapModule: Calculate default map height in map widget based on widget height

Bug fixes

  • Hosts index: empty pdf and csv lists if regex filter is applied

Blog post: https://openitcockpit.io/blog/posts/2026/2026-04-14-openitcockpit-agent-3.6.0-and-5.5.2/

Security Fixes

  • CVE-2026-24893 — Authenticated Command Injection Leading to Remote Code Execution via Host Address Macro Expansion

About openITCOCKPIT Community Edition

Monitoring Suite featuring seamless integrations with Naemon, Checkmk, Grafana and more.
