librenms/librenms vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-2728Lowlibrenms/librenms: LibreNMS: Cross-Site Scripting in ShowConfigControllerCVE-2026-6204Highlibrenms/librenms: LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File WriteCVE-2026-26990Highlibrenms/librenms: LibreNMS has a Time-Based Blind SQL Injection in address-search.inc.phpCVE-2026-26989Mediumlibrenms/librenms: LibreNMS has a Stored XSS in Alert RuleCVE-2026-26988Highlibrenms/librenms: LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream.CVE-2026-27016Mediumlibrenms/librenms: LibreNMS has a Stored XSS in Custom OID - unit parameter missing strip_tags()CVE-2026-26992Mediumlibrenms/librenms: LibreNMS /port-groups name Stored Cross-Site ScriptingCVE-2026-26991Mediumlibrenms/librenms: LibreNMS /device-groups name Stored Cross-Site ScriptingCVE-2026-26987Mediumlibrenms/librenms: LibreNMS affected by reflected xss via email field CVE-2020-36947Highlibrenms/librenms: LibreNMS contains an authenticated SQL Injection vulnerabilityCVE-2025-68614Mediumlibrenms/librenms: LibreNMS Alert Rule API Cross-Site Scripting VulnerabilityCVE-2025-65093Mediumlibrenms/librenms: LibreNMS is vulnerable to SQL Injection (Boolean-Based Blind) in hostname parameter in…CVE-2025-65014Lowlibrenms/librenms: LibreNMS has Weak Password PolicyCVE-2025-65013Mediumlibrenms/librenms: LibreNMS vulnerable to Reflected Cross-Site Scripting (XSS) in endpoint `/maps/nodeimage` parameter…CVE-2025-62412Lowlibrenms/librenms: LibreNMS alert-rules has a Cross-Site Scripting VulnerabilityCVE-2025-62411Mediumlibrenms/librenms: LibreNMS has a Stored XSS vulnerability in its Alert Transport name fieldCVE-2025-62365Mediumlibrenms/librenms: LibreNMS is vulnerable to Reflected-XSS in `report_this` functionCVE-2025-55296Mediumlibrenms/librenms: LibreNMS allows stored XSS in Alert Template name fieldCVE-2025-54138Highlibrenms/librenms: LibreNMS has Authenticated Remote File Inclusion in ajax_form.php that Allows RCECVE-2025-47931Lowlibrenms/librenms: LibreNMS stored Cross-site Scripting vulnerability in poller group nameCVE-2025-23201Mediumlibrenms/librenms: Librenms has a reflected XSS on error alertCVE-2025-23200Mediumlibrenms/librenms: LibreNMS Misc Section Stored Cross-site Scripting vulnerabilityCVE-2025-23199Mediumlibrenms/librenms: LibreNMS Ports Stored Cross-site Scripting vulnerabilityCVE-2025-23198Mediumlibrenms/librenms: LibreNMS Display Name Stored Cross-site Scripting vulnerabilityCVE-2024-56144Mediumlibrenms/librenms: LibreNMS Display Name 2 Stored Cross-site Scripting vulnerability

Stop the waste.
Protect your environment with Kodem.