Zabbix developers have released security update to address a dangerous security vulnerability (CVE-2024-42327) exploited in the wild. The bug allows remote attackers to gain control of Zabbix servers through the platform API. Exploitation of this vulnerability could lead to SQL injection and elevation of privilege. These security issues are fixed in Zabbix version 6.0.0-6.0.31 (fixed in 6.0.32rc1), 6.4.0-6.4.16 (fixed in 6.4.17rc1), 7.0.0 (fixed in 7.0.1rc1).  More information on vulnerabilities and updates is available in Zabbix security advisories – zabbix.com.