7 matches found
OpenWrt LuCI Cross-Site Scripting Vulnerability
OpenWrt LuCI is a graphical configuration interface for OpenWrt, an open-source operating system. Versions of OpenWrt LuCI prior to 24.10.5 and 25.12.0 had a cross-site scripting vulnerability. This vulnerability stemmed from a stored cross-site scripting issue in the wireless scanning...
CVE-2026-26987
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are vulnerable to Reflected XSS attacks via the email field. This issue has been fixed in version 26.2.0...
CVE-2026-26990
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below have a Time-Based Blind SQL Injection vulnerability in address-search.inc.php via the address parameter. When a crafted subnet prefix is supplied, the prefix value is concatenated directly int...
CVE-2026-26989 LibreNMS has Stored XSS in Alert Rule
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Alert Rules workflow. An attacker with administrative privileges can inject malicious scripts that execute in the browser...
CVE-2026-26989 LibreNMS has Stored XSS in Alert Rule
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Alert Rules workflow. An attacker with administrative privileges can inject malicious scripts that execute in the browser...
CVE-2026-26988 LibreNMS: SQL Injection in ajax_table.php spreads through a covert data stream
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below contain an SQL Injection vulnerability in the ajax_table.php endpoint. The application fails to properly sanitize or parameterize user input when processing IPv6 address searches. Specifically,...
CVE-2026-26987
CVE-2026-26987 affects LibreNMS up to version 25.12.0 with a Reflected XSS vulnerability in the email field of alerting settings. The issue is fixed in version 26.2.0. Multiple sources (NVD, Red Hat, OSV, GHSA) corroborate that user input in the email field can be reflected, potentially allowing ...