2 matches found
CVE-2026-26988
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below contain an SQL Injection vulnerability in the ajaxtable.php endpoint. The application fails to properly sanitize or parameterize user input when processing IPv6 address searches. Specifically,...
CVE-2026-26988
CVE-2026-26988 affects LibreNMS (versions ≤ 25.12.0) via an SQL Injection in the IPv6 address search path of the ajax_table.php endpoint. The root cause is that the address parameter is split into an address and a prefix, and the prefix is directly concatenated into the SQL query without validati...