Q: What is the authoritative source for CVE-2022-46836?

CVE-2022-46836 (CVE-2022-46836) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

Question 1

What is CVE-2022-46836 — CVE-2022-46836?

Accepted Answer

PHP code injection in watolib auth.php and hosttags.php in Tribe29's Checkmk <= 2.1.0p10, Checkmk <= 2.0.0p27, and Checkmk <= 1.6.0p29 allows an attacker to inject and execute PHP code which will be executed upon request of the vulnerable component.

Question 2

What is the authoritative source for CVE-2022-46836?

Accepted Answer

CVE-2022-46836 (CVE-2022-46836) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	9.1 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
EPSS	1.13% probability of exploitation · percentile 62.1% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-46836CVE-2022-46836

Description

Scoring