CVE-2025-62412

Low CVSS: 3.8

LibreNMS is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts > Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0.

Vendor

Librenms

Product

Librenms

CWE

CWE-79

Yayın Tarihi

2025-10-16 18:15:39

Güncelleme

2025-10-23 12:31:34

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-79 Librenms LOW Librenms 2025

Referanslar

https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh

Benzer Kayıtlar

Medium

CVE-2026-26992

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. In versions 26.1.1 and below, the port gro…

Medium

CVE-2026-26991

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. In versions 26.1.1 and below, the device g…

Medium

CVE-2026-27016

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 24.10.0 through 26.1.1 are vulner…

Medium

CVE-2026-26987

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are vulnerable…

Critical

CVE-2026-26988

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below contain an SQL…

Medium

CVE-2026-26989

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are affected by…