18178 matches found
CVE-2026-26202
creationtimestamp| type| source ---|---|--- 2026-02-20 00:50:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfavbvn2nm2v 2026-02-20 22:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfd47vugih2r...
LibreNMS 跨站脚本漏洞
LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Versions of LibreNMS prior to 25.12.0 contained a cross-site scripting vulnerability. This...
CVE-2026-2044
creationtimestamp| type| source ---|---|--- 2026-02-19 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-118/ 2026-02-21 00:02:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfdd25aefq2d 2026-02-25 01:00:14+00:00| seen|...
PT-2026-20904
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are affected by a Stored Cross-Site Scripting XSS vulnerability in the Alert Rules workflow. An attacker with administrative privileges can inject malicious scripts that execute in the browser...
CVE-2026-2650
creationtimestamp| type| source ---|---|--- 2026-02-18 23:26:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf6a53rtff2v 2026-02-19 03:00:33+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mf6m325jpl2e 2026-02-19 03:00:36+00:00| seen|...
GHSA-6XMX-XR9P-58P7 LibreNMS has a Stored XSS in Alert Rule
Summary A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS " . e$ruledisplay . " PoC Request PoC: POST /alert-rule HTTP/1.1 Host: 192.168.236.131 User-Agent: Mozilla/5.0 X11; Linux x8664; rv:140.0 Gecko/20100101 Firefox/140.0 Accept: application/json, text/javascript, /; q=0.01...
Cross-site Scripting (XSS)
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the alertrulelist.inc.php process. An attacker can execute arbitrary JavaScript code in...
LibreNMS has a Stored XSS in Alert Rule
Summary A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS " . e$ruledisplay . " PoC Request PoC: POST /alert-rule HTTP/1.1 Host: 192.168.236.131 User-Agent: Mozilla/5.0 X11; Linux x8664; rv:140.0 Gecko/20100101 Firefox/140.0 Accept: application/json, text/javascript, /; q=0.01...
GHSA-RWJ8-P9VQ-25GV
creationtimestamp| type| source ---|---|--- 2026-02-18 19:40:40+00:00| seen| https://gist.github.com/alon710/1e6afb3840077f77e3f5cee7a373c3eb...
Exploit for CVE-2024-4041
CVE-2024-4041 Yoast SEO /?page=%22%20onmouseover%3D%...
CVE-2025-65717
creationtimestamp| type| source ---|---|--- 2026-02-17 16:12:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf2xg5zo5z2d 2026-02-18 13:43:09+00:00| seen| https://infosec.exchange/users/jbhall56/statuses/116091924551416854 2026-02-18 13:43:25+00:00| seen|...
Exploit for CVE-1999-0368
🛡️ Advanced Penetration Testing & System Forensic Audit Mid...
CVE-2026-26220
creationtimestamp| type| source ---|---|--- 2026-02-17 07:10:47+00:00| seen| https://gist.github.com/alon710/21a935dc4b5fdb17135ead3e688c1ee1 2026-02-17 08:30:38+00:00| seen| https://infosec.exchange/users/offseq/statuses/116085033410436638 2026-02-17 08:30:40+00:00| seen|...
Malicious Package
Overview ambar-src is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
CVE-2026-2457
creationtimestamp| type| source ---|---|--- 2026-02-16 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0173/...
SUSE SLES12 Security Update : zabbix (SUSE-SU-2026:0483-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0483-1 advisory. - CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 - CVE-2024-42325: Restricted access to user fields using...
Suricata < 7.0.14 / 8.x < 8.0.3 Multiple Vulnerabilities
The version of OISF Suricata installed on the remote host is prior to 7.0.14 or 8.x prior to 8.0.3. It is, therefore, affected by multiple vulnerabilities, including: - Crafted DCERPC traffic can cause Suricata to expand a buffer without limits, leading to memory exhaustion and the process gettin...
Security update for zabbix
This update for zabbix fixes the following issues: CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 CVE-2024-42325: Restricted access to user fields using user.get API method for users of User and Admin type, and restricted access to alert entities using alert.get...
SUSE-SU-2026:0483-1 Security update for zabbix
This update for zabbix fixes the following issues: - CVE-2024-36469: Introduced clamping for mitigation of timing attacks. bsc1240676 - CVE-2024-42325: Restricted access to user fields using user.get API method for users of User and Admin type, and restricted access to alert entities using...
CVE-2025-10969
creationtimestamp| type| source ---|---|--- 2026-02-12 14:19:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meo6qfj3az25 2026-02-12 14:20:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meo6sispdb24 2026-02-12 14:23:04+00:00| seen|...