Lucene search
K

CVE-2026-2728

🗓️ 13 Apr 2026 10:39:54Reported by PRJBLKType 
cvelist
 cvelist
🔗 www.cve.org👁 33 Views

Authenticated XSS on LibreNMS showconfig page before 26.3.0; admin rights required and can target other users.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-2728
13 Apr 202610:39
attackerkb
Circl
CVE-2026-2728
13 Apr 202615:10
circl
CNNVD
LibreNMS 安全漏洞
13 Apr 202600:00
cnnvd
CVE
CVE-2026-2728
13 Apr 202610:39
cve
EUVD
EUVD-2026-21907
18 May 202617:00
euvd
Github Security Blog
LibreNMS: Cross-Site Scripting in ShowConfigController
18 May 202617:00
github
Github Security Blog
Duplicate Advisory: LibreNMS affected by an authenticated Cross-site Scripting vulnerability on the showconfig page
13 Apr 202612:31
github
NVD
CVE-2026-2728
13 Apr 202611:16
nvd
OSV
CVE-2026-2728
13 Apr 202610:39
osv
OSV
GHSA-5GM9-622F-QCG5 LibreNMS: Cross-Site Scripting in ShowConfigController
18 May 202617:00
osv
Rows per page
[
  {
    "vendor": "librenms",
    "product": "librenms",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "26.3.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation