| CVE-2024-51092 |
critical |
9.1 |
9.1 |
20d ago |
LibreNMS has an Authenticated OS Command Injection |
|
| CVE-2017-16759 |
medium |
5.9 |
5.9 |
9y ago |
LibreNMS Arbitrary File Read |
|
| CVE-2026-2728 |
low |
— |
2.5 |
10d ago |
LibreNMS: Cross-Site Scripting in ShowConfigController |
|
| CVE-2026-6204 |
unknown |
— |
— |
2mo ago |
LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File Write |
|
| CVE-2026-26990 |
unknown |
— |
— |
3mo ago |
LibreNMS has a Time-Based Blind SQL Injection in address-search.inc.php |
|
| CVE-2026-26989 |
unknown |
— |
— |
3mo ago |
LibreNMS has a Stored XSS in Alert Rule |
|
| CVE-2026-26988 |
unknown |
— |
— |
3mo ago |
LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream. |
|
| CVE-2026-27016 |
unknown |
— |
— |
3mo ago |
LibreNMS has a Stored XSS in Custom OID - unit parameter missing strip_tags() |
|
| CVE-2026-26992 |
unknown |
— |
— |
3mo ago |
LibreNMS /port-groups name Stored Cross-Site Scripting |
|
| CVE-2026-26991 |
unknown |
— |
— |
3mo ago |
LibreNMS /device-groups name Stored Cross-Site Scripting |
|
| CVE-2026-26987 |
unknown |
— |
— |
3mo ago |
LibreNMS affected by reflected xss via email field |
|
| CVE-2020-36947 |
unknown |
— |
— |
4mo ago |
LibreNMS contains an authenticated SQL Injection vulnerability |
|
| CVE-2025-68614 |
unknown |
— |
— |
5mo ago |
LibreNMS Alert Rule API Cross-Site Scripting Vulnerability |
|
| CVE-2025-65093 |
unknown |
— |
— |
6mo ago |
LibreNMS is vulnerable to SQL Injection (Boolean-Based Blind) in hostname parameter in ajax_output.php endpoint |
|
| CVE-2025-65014 |
unknown |
— |
— |
6mo ago |
LibreNMS has Weak Password Policy |
|
| CVE-2025-65013 |
unknown |
— |
— |
6mo ago |
LibreNMS vulnerable to Reflected Cross-Site Scripting (XSS) in endpoint `/maps/nodeimage` parameter `Image Name` |
|
| CVE-2025-62412 |
unknown |
— |
— |
7mo ago |
LibreNMS alert-rules has a Cross-Site Scripting Vulnerability |
|
| CVE-2025-62411 |
unknown |
— |
— |
7mo ago |
LibreNMS has a Stored XSS vulnerability in its Alert Transport name field |
|
| CVE-2025-62365 |
unknown |
— |
— |
8mo ago |
LibreNMS is vulnerable to Reflected-XSS in `report_this` function |
|
| CVE-2025-55296 |
unknown |
— |
— |
9mo ago |
LibreNMS allows stored XSS in Alert Template name field |
|
| CVE-2025-54138 |
unknown |
— |
— |
10mo ago |
LibreNMS has Authenticated Remote File Inclusion in ajax_form.php that Allows RCE |
|
| CVE-2025-47931 |
unknown |
— |
— |
1y ago |
LibreNMS stored Cross-site Scripting vulnerability in poller group name |
|
| CVE-2025-23201 |
unknown |
— |
— |
1y ago |
Librenms has a reflected XSS on error alert |
|
| CVE-2025-23200 |
unknown |
— |
— |
1y ago |
LibreNMS Misc Section Stored Cross-site Scripting vulnerability |
|
| CVE-2025-23199 |
unknown |
— |
— |
1y ago |
LibreNMS Ports Stored Cross-site Scripting vulnerability |
|
| CVE-2025-23198 |
unknown |
— |
— |
1y ago |
LibreNMS Display Name Stored Cross-site Scripting vulnerability |
|
| CVE-2024-56144 |
unknown |
— |
— |
1y ago |
LibreNMS Display Name 2 Stored Cross-site Scripting vulnerability |
|
| CVE-2024-53457 |
unknown |
— |
— |
2y ago |
LibreNMS stored cross-site scripting (XSS) vulnerability in the Device Settings section |
|
| CVE-2024-52526 |
unknown |
— |
— |
2y ago |
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php |
|
| CVE-2024-51497 |
unknown |
— |
— |
2y ago |
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php |
|
| CVE-2024-51496 |
unknown |
— |
— |
2y ago |
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php |
|
| CVE-2024-51495 |
unknown |
— |
— |
2y ago |
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php |
|
| CVE-2024-51494 |
unknown |
— |
— |
2y ago |
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php |
|
| CVE-2024-50355 |
unknown |
— |
— |
2y ago |
LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints |
|
| CVE-2024-50352 |
unknown |
— |
— |
2y ago |
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php |
|
| CVE-2024-50351 |
unknown |
— |
— |
2y ago |
LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php |
|
| CVE-2024-50350 |
unknown |
— |
— |
2y ago |
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php |
|
| CVE-2024-49764 |
unknown |
— |
— |
2y ago |
LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php |
|
| CVE-2024-49759 |
unknown |
— |
— |
2y ago |
Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php |
|
| CVE-2024-49758 |
unknown |
— |
— |
2y ago |
LibreNMS has a stored XSS in ExamplePlugin with Device's Notes |
|
| CVE-2024-49754 |
unknown |
— |
— |
2y ago |
LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php |
|
| CVE-2024-47528 |
unknown |
— |
— |
2y ago |
LibreNMS vulnerable to Stored Cross-site Scripting via File Upload |
|
| CVE-2024-47523 |
unknown |
— |
— |
2y ago |
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature |
|
| CVE-2024-47524 |
unknown |
— |
— |
2y ago |
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Group" Name |
|
| CVE-2024-47525 |
unknown |
— |
— |
2y ago |
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Rules" feature |
|
| CVE-2024-47526 |
unknown |
— |
— |
2y ago |
LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Templates" feature |
|
| CVE-2024-47527 |
unknown |
— |
— |
2y ago |
LibreNMS has Stored Cross-site Scripting vulnerability in "Device Dependencies" feature |
|
| CVE-2024-32480 |
unknown |
— |
— |
2y ago |
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction |
|
| CVE-2024-32479 |
unknown |
— |
— |
2y ago |
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS |
|
| CVE-2024-32461 |
unknown |
— |
— |
2y ago |
LibreNMS vulnerable to SQL injection time-based leads to database extraction |
|
| CVE-2023-48294 |
unknown |
— |
— |
3y ago |
LibreNMS has Broken Access control on Graphs Feature |
|
| CVE-2023-48295 |
unknown |
— |
— |
3y ago |
LibreNMS Cross-site Scripting at Device groups Deletion feature |
|
| CVE-2023-46745 |
unknown |
— |
— |
3y ago |
LibreNMS vulnerable to rate limiting bypass on login page |
|
| CVE-2023-5591 |
unknown |
— |
— |
3y ago |
SQL injection in librenms/librenms |
|
| CVE-2023-5060 |
unknown |
— |
— |
3y ago |
Cross site scripting in librenms |
|
| CVE-2023-4982 |
unknown |
— |
— |
3y ago |
LibreNMS Cross-site Scripting vulnerability |
|
| CVE-2023-4981 |
unknown |
— |
— |
3y ago |
LibreNMS Cross-site Scripting vulnerability |
|
| CVE-2023-4980 |
unknown |
— |
— |
3y ago |
LibreNMS Cross-site Scripting vulnerability |
|
| CVE-2023-4979 |
unknown |
— |
— |
3y ago |
LibreNMS Cross-site Scripting vulnerability |
|
| CVE-2023-4978 |
unknown |
— |
— |
3y ago |
LibreNMS Cross-site Scripting vulnerability |
|
| CVE-2023-4977 |
unknown |
— |
— |
3y ago |
LibreNMS Code Injection vulnerability |
|
| CVE-2023-4347 |
unknown |
— |
— |
3y ago |
LibreNMS Cross-site Scripting vulnerability |
|
| CVE-2022-4067 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms/librenms |
|
| CVE-2022-4068 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms/librenms |
|
| CVE-2022-3562 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms/librenms |
|
| CVE-2022-3561 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms/librenms |
|
| CVE-2022-3525 |
unknown |
— |
— |
4y ago |
Deserialization of Untrusted Data in librenms/librenms |
|
| CVE-2022-3516 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms/librenms |
|
| CVE-2022-4069 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms/librenms |
|
| CVE-2022-4070 |
unknown |
— |
— |
4y ago |
Insufficient Session Expiration in librenms/librenms |
|
| CVE-2022-3231 |
unknown |
— |
— |
4y ago |
LibreNMS stored Cross-site Scripting via Schedule Maintenance `Title` parameter |
|
| CVE-2022-36746 |
unknown |
— |
— |
4y ago |
LibreNMS vulnerable to Cross-Site Scripting (XSS) |
|
| CVE-2022-36745 |
unknown |
— |
— |
4y ago |
LibreNMS vulnerable to Cross-Site Scripting (XSS) |
|
| CVE-2022-29712 |
unknown |
— |
— |
4y ago |
Command injection in librenms |
|
| CVE-2022-29711 |
unknown |
— |
— |
4y ago |
Cross site scripting in librenms |
|
| CVE-2020-15873 |
unknown |
— |
— |
4y ago |
LibreNMS SQL Injection vulnerability |
|
| CVE-2019-10665 |
unknown |
— |
— |
4y ago |
LibreNMS Information Disclosure |
|
| CVE-2018-20434 |
unknown |
— |
— |
4y ago |
LibreNMS arbitrary OS commands execution |
|
| CVE-2018-18478 |
unknown |
— |
— |
4y ago |
LibreNMS XSS Vulnerability |
|
| CVE-2018-20678 |
unknown |
— |
— |
4y ago |
LibreNMS SQL Injection |
|
| CVE-2022-0772 |
unknown |
— |
— |
4y ago |
Cross site scripting in LibreNMS |
|
| CVE-2022-0580 |
unknown |
— |
— |
4y ago |
Improper Access Control in librenms |
|
| CVE-2022-0587 |
unknown |
— |
— |
4y ago |
Improper Authorization in librenms |
|
| CVE-2022-0588 |
unknown |
— |
— |
4y ago |
Missing Authorization in librenms/librenms |
|
| CVE-2022-0589 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms |
|
| CVE-2022-0576 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms |
|
| CVE-2022-0575 |
unknown |
— |
— |
4y ago |
Cross-site Scripting in librenms |
|
| CVE-2021-44278 |
unknown |
— |
— |
5y ago |
Path traversal in librenms/librenms |
|
| CVE-2021-44279 |
unknown |
— |
— |
5y ago |
Cross-site Scripting in LibreNMS |
|
| CVE-2021-44277 |
unknown |
— |
— |
5y ago |
Cross-site Scripting in LibreNMS |
|
| CVE-2021-43324 |
unknown |
— |
— |
5y ago |
Cross-site Scripting in LibreNMS |
|
| CVE-2021-31274 |
unknown |
— |
— |
5y ago |
Cross-site Scripting in LibreNMS |
|
| CVE-2020-15877 |
unknown |
— |
— |
5y ago |
Exposure of Resource to Wrong Sphere in LibreNMS |
|
| CVE-2020-35700 |
unknown |
— |
— |
5y ago |
SQL Injection in librenms |
|
| CVE-2019-10671 |
unknown |
— |
— |
7y ago |
SQL Injection in LibreNMS |
|
| CVE-2019-12465 |
unknown |
— |
— |
7y ago |
SQL Injection in LibreNMS |
|
| CVE-2019-12464 |
unknown |
— |
— |
7y ago |
Path Traversal in LibreNMS |
|
| CVE-2019-10667 |
unknown |
— |
— |
7y ago |
Exposure of Sensitive Information to an Unauthorized Actor in LibreNMS |
|
| CVE-2019-12463 |
unknown |
— |
— |
7y ago |
Improper Encoding or Escaping of Output and Injection in LibreNMS |
|
| CVE-2019-10668 |
unknown |
— |
— |
7y ago |
Missing Authentication for Critical Function in LibreNMS |
|