AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2025-49642: Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directo

infovulnerability

security

Source: NVD/CVE DatabaseDecember 1, 2025CVE-2025-49642

Summary

A vulnerability (CVE-2025-49642) in Zabbix Agent on AIX systems allows local users with write access to the /home/cecuser directory to hijack library loading, potentially gaining unauthorized access or modifying the system. This is rated as medium severity (CVSS score of 5.8, a 0-10 vulnerability rating scale) and exploits untrusted search paths (directories the system checks when looking for required files).

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationTrivial

Taxonomy References

CWE (Weakness Type)

CWE-426

Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-49642

First tracked: February 15, 2026 at 08:53 PM

Classified by LLM (prompt v3) · confidence: 95%