Icinga Icinga-Powershell-Framework vulnerabilities

CVE-2026-24414 [MEDIUM] CWE-276 Icinga for Windows certificate can have too-open permissions Icinga for Windows certificate can have too-open permissions The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows `certificate` directory grant every user read access, which results in the exposure of private key of the Icinga cert

CVE-2026-24413 [MEDIUM] CWE-276 CVE-2026-24413: Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.1 Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the `%ProgramData%\icinga2\var` folder on Windows. This resulted in the its contents - including the private key of the user and synced configuration - being readable by a