{"url":"http://public2.vulnerablecode.io/api/packages/432615?format=json","purl":"pkg:composer/librenms/librenms@1.19","type":"composer","namespace":"librenms","name":"librenms","version":"1.19","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.31.0","latest_non_vulnerable_version":"201609","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102736?format=json","vulnerability_id":"VCID-18g9-2u9c-nbez","summary":"LibreNMS  is a community-based GPL-licensed network monitoring system. LibreNMS <= 25.8.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the Alert Transports management functionality. When an administrator creates a new Alert Transport, the value of the Transport name field is stored and later rendered in the Transports column of the Alert Rules page without proper input validation or output encoding. This leads to arbitrary JavaScript execution in the admin’s browser. This vulnerability is fixed in 25.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62411","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00723","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62411"},{"reference_url":"https://github.com/librenms/librenms/commit/e1ead366239b57e88f9a06d4f7c213b1e2530cd8","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/e1ead366239b57e88f9a06d4f7c213b1e2530cd8"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/25.10.0","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/releases/tag/25.10.0"},{"reference_url":"https://github.com/librenms/librenms/commit/706a77085f4d5964f7de9444208ef707e1f79450","reference_id":"706a77085f4d5964f7de9444208ef707e1f79450","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-16T18:27:02Z/"}],"url":"https://github.com/librenms/librenms/commit/706a77085f4d5964f7de9444208ef707e1f79450"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62411","reference_id":"CVE-2025-62411","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62411"},{"reference_url":"https://github.com/advisories/GHSA-frc6-pwgr-c28w","reference_id":"GHSA-frc6-pwgr-c28w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-frc6-pwgr-c28w"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-frc6-pwgr-c28w","reference_id":"GHSA-frc6-pwgr-c28w","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-16T18:27:02Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-frc6-pwgr-c28w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34532?format=json","purl":"pkg:composer/librenms/librenms@25.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.10.0"}],"aliases":["CVE-2025-62411","GHSA-frc6-pwgr-c28w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-18g9-2u9c-nbez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208205?format=json","vulnerability_id":"VCID-1bhu-qkzp-tqas","summary":"Cross-site Scripting in librenms","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0589","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07968","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0589"},{"reference_url":"https://github.com/librenms/librenms/commit/4c9d4eefd8064a0285f9718ef38f5617d7f9d6fa","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/4c9d4eefd8064a0285f9718ef38f5617d7f9d6fa"},{"reference_url":"https://huntr.dev/bounties/d943d95c-076f-441a-ab21-cbf6b15f6768","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/d943d95c-076f-441a-ab21-cbf6b15f6768"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0589","reference_id":"CVE-2022-0589","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0589"},{"reference_url":"https://github.com/advisories/GHSA-gj26-g5qf-jrh7","reference_id":"GHSA-gj26-g5qf-jrh7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gj26-g5qf-jrh7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19367?format=json","purl":"pkg:composer/librenms/librenms@22.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.1.0"}],"aliases":["CVE-2022-0589","GHSA-gj26-g5qf-jrh7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bhu-qkzp-tqas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/323154?format=json","vulnerability_id":"VCID-2dax-4ghn-mffp","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15877","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13909","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15877"},{"reference_url":"https://community.librenms.org/c/announcements","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://community.librenms.org/c/announcements"},{"reference_url":"https://github.com/librenms/librenms/commit/e5bb6d80bc308fc56b9a01ffb76c34159995353c","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/e5bb6d80bc308fc56b9a01ffb76c34159995353c"},{"reference_url":"https://github.com/librenms/librenms/compare/1.65...1.65.1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/compare/1.65...1.65.1"},{"reference_url":"https://github.com/librenms/librenms/pull/11915","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/11915"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/1.65.1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/releases/tag/1.65.1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15877","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15877"},{"reference_url":"https://shielder.it/blog","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://shielder.it/blog"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/382641?format=json","purl":"pkg:composer/librenms/librenms@1.65.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.65.1"}],"aliases":["CVE-2020-15877","GHSA-3c33-3465-fhx2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2dax-4ghn-mffp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35115?format=json","vulnerability_id":"VCID-2zej-x5n6-cqbf","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Port Settings\" page allows authenticated users to inject arbitrary JavaScript through the \"descr\" parameter when editing a device's port settings. This vulnerability can lead to the execution of malicious code when the \"Port Settings\" page is visited, potentially compromising the user's session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51494","reference_id":"","reference_type":"","scores":[{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.7549","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51494"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51494","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51494"},{"reference_url":"https://github.com/librenms/librenms/commit/82a744bfe29017b8b58b5752ab9e1b335bedf0a0","reference_id":"82a744bfe29017b8b58b5752ab9e1b335bedf0a0","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:02:34Z/"}],"url":"https://github.com/librenms/librenms/commit/82a744bfe29017b8b58b5752ab9e1b335bedf0a0"},{"reference_url":"https://github.com/advisories/GHSA-7663-37rg-c377","reference_id":"GHSA-7663-37rg-c377","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7663-37rg-c377"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-7663-37rg-c377","reference_id":"GHSA-7663-37rg-c377","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:02:34Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-7663-37rg-c377"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-51494","GHSA-7663-37rg-c377"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2zej-x5n6-cqbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38416?format=json","vulnerability_id":"VCID-3faw-j7vn-hfaz","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Capture Debug Information\" page allows authenticated users to inject arbitrary JavaScript through the \"hostname\" parameter when creating a new device. This vulnerability results in the execution of malicious code when the \"Capture Debug Information\" page is visited, redirecting the user and sending non-httponly cookies to an attacker-controlled domain. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49764","reference_id":"","reference_type":"","scores":[{"value":"0.00901","scoring_system":"epss","scoring_elements":"0.76131","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49764"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49764","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49764"},{"reference_url":"https://github.com/librenms/librenms/commit/af15eabbb1752985d36f337cecf137a947e170f6","reference_id":"af15eabbb1752985d36f337cecf137a947e170f6","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:47:58Z/"}],"url":"https://github.com/librenms/librenms/commit/af15eabbb1752985d36f337cecf137a947e170f6"},{"reference_url":"https://github.com/advisories/GHSA-rmr4-x6c9-jc68","reference_id":"GHSA-rmr4-x6c9-jc68","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rmr4-x6c9-jc68"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-rmr4-x6c9-jc68","reference_id":"GHSA-rmr4-x6c9-jc68","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:47:58Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-rmr4-x6c9-jc68"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-49764","GHSA-rmr4-x6c9-jc68"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3faw-j7vn-hfaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/328030?format=json","vulnerability_id":"VCID-3qv3-74t6-6fhs","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35700","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26621","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35700"},{"reference_url":"https://github.com/librenms/librenms/blob/master/app/Http/Controllers/Widgets/TopDevicesController.php","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/blob/master/app/Http/Controllers/Widgets/TopDevicesController.php"},{"reference_url":"https://github.com/librenms/librenms/issues/12405","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/issues/12405"},{"reference_url":"https://github.com/librenms/librenms/pull/12422","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/12422"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/21.1.0","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/releases/tag/21.1.0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35700","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35700"},{"reference_url":"https://www.horizon3.ai/disclosures/librenms-second-order-sqli","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.horizon3.ai/disclosures/librenms-second-order-sqli"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/383688?format=json","purl":"pkg:composer/librenms/librenms@21.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@21.1.0"}],"aliases":["CVE-2020-35700","GHSA-h59f-p56g-g75v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qv3-74t6-6fhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34923?format=json","vulnerability_id":"VCID-4syp-nckb-9fbw","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the \"overwrite_ip\" parameter when editing a device. This vulnerability results in the execution of malicious code when the device overview page is visited, potentially compromising the accounts of other users. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51495","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51495"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51495","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51495"},{"reference_url":"https://github.com/librenms/librenms/commit/4568188ce9097a2e3a3b563311077f2bb82455c0","reference_id":"4568188ce9097a2e3a3b563311077f2bb82455c0","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:59:29Z/"}],"url":"https://github.com/librenms/librenms/commit/4568188ce9097a2e3a3b563311077f2bb82455c0"},{"reference_url":"https://github.com/advisories/GHSA-p66q-ppwr-q5j8","reference_id":"GHSA-p66q-ppwr-q5j8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-p66q-ppwr-q5j8"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-p66q-ppwr-q5j8","reference_id":"GHSA-p66q-ppwr-q5j8","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T15:59:29Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-p66q-ppwr-q5j8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-51495","GHSA-p66q-ppwr-q5j8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4syp-nckb-9fbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34979?format=json","vulnerability_id":"VCID-5999-8pth-d7ba","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the \"metric\" parameter of the \"/wireless\" and \"/health\" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious \"metric\" parameter, potentially compromising their session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51496","reference_id":"","reference_type":"","scores":[{"value":"0.01137","scoring_system":"epss","scoring_elements":"0.78802","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51496"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51496","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51496"},{"reference_url":"https://github.com/librenms/librenms/commit/aef739a438ffb507e927a4ec87b359164a7a053a","reference_id":"aef739a438ffb507e927a4ec87b359164a7a053a","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T17:18:15Z/"}],"url":"https://github.com/librenms/librenms/commit/aef739a438ffb507e927a4ec87b359164a7a053a"},{"reference_url":"https://github.com/advisories/GHSA-28p7-f6h6-3jh3","reference_id":"GHSA-28p7-f6h6-3jh3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-28p7-f6h6-3jh3"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-28p7-f6h6-3jh3","reference_id":"GHSA-28p7-f6h6-3jh3","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T17:18:15Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-28p7-f6h6-3jh3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-51496","GHSA-28p7-f6h6-3jh3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5999-8pth-d7ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58020?format=json","vulnerability_id":"VCID-5ehc-2e2v-wkgb","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Alert Rules\" feature allows authenticated users to inject arbitrary JavaScript through the \"Title\" field. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions. This vulnerability is fixed in 24.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47525","reference_id":"","reference_type":"","scores":[{"value":"0.07363","scoring_system":"epss","scoring_elements":"0.91898","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47525"},{"reference_url":"https://github.com/librenms/librenms/commit/7620d220e48563938d869da7689b8ac3f7721490","reference_id":"7620d220e48563938d869da7689b8ac3f7721490","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:00:57Z/"}],"url":"https://github.com/librenms/librenms/commit/7620d220e48563938d869da7689b8ac3f7721490"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47525","reference_id":"CVE-2024-47525","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47525"},{"reference_url":"https://github.com/advisories/GHSA-j2j9-7pr6-xqwv","reference_id":"GHSA-j2j9-7pr6-xqwv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j2j9-7pr6-xqwv"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-j2j9-7pr6-xqwv","reference_id":"GHSA-j2j9-7pr6-xqwv","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:00:57Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-j2j9-7pr6-xqwv"},{"reference_url":"https://github.com/librenms/librenms/blob/9455173edce6971777cf6666d540eeeaf6201920/includes/html/print-alert-rules.php#L405","reference_id":"print-alert-rules.php#L405","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:00:57Z/"}],"url":"https://github.com/librenms/librenms/blob/9455173edce6971777cf6666d540eeeaf6201920/includes/html/print-alert-rules.php#L405"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33584?format=json","purl":"pkg:composer/librenms/librenms@24.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-zhac-9svg-4fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.9.0"}],"aliases":["CVE-2024-47525","GHSA-j2j9-7pr6-xqwv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ehc-2e2v-wkgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204145?format=json","vulnerability_id":"VCID-5qc1-g4x7-n3fp","summary":"Missing Authentication for Critical Function in LibreNMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10668","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00169","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10668"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-authentication-bypass-vulnerability-xl-19-016","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-authentication-bypass-vulnerability-xl-19-016"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-authentication-bypass-vulnerability-xl-19-016/","reference_id":"","reference_type":"","scores":[],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-authentication-bypass-vulnerability-xl-19-016/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10668","reference_id":"CVE-2019-10668","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10668"},{"reference_url":"https://github.com/advisories/GHSA-277v-gwfr-hmpj","reference_id":"GHSA-277v-gwfr-hmpj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-277v-gwfr-hmpj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15649?format=json","purl":"pkg:composer/librenms/librenms@1.50.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-wtgu-cr2f-33cb"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.50.1"}],"aliases":["CVE-2019-10668","GHSA-277v-gwfr-hmpj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qc1-g4x7-n3fp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/304574?format=json","vulnerability_id":"VCID-61va-qddt-rbf2","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20678","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01325","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20678"},{"reference_url":"https://cert.enea.pl/advisories/cert-190101.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert.enea.pl/advisories/cert-190101.html"},{"reference_url":"https://github.com/librenms/librenms/commit/32f72bc1ab7e980e4070e826a89d0d36a5ba62dd","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/32f72bc1ab7e980e4070e826a89d0d36a5ba62dd"},{"reference_url":"https://github.com/librenms/librenms/pull/11920","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/11920"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20678","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20678"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/391067?format=json","purl":"pkg:composer/librenms/librenms@1.48.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.48.0"},{"url":"http://public2.vulnerablecode.io/api/packages/437965?format=json","purl":"pkg:composer/librenms/librenms@1.48","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-5qc1-g4x7-n3fp"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-qc4w-r2jh-a7hx"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-sp7z-xykf-e7ce"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.48"},{"url":"http://public2.vulnerablecode.io/api/packages/386348?format=json","purl":"pkg:composer/librenms/librenms@1.65.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.65.0"}],"aliases":["CVE-2018-20678","GHSA-4fwh-r866-pvh9"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-61va-qddt-rbf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174597?format=json","vulnerability_id":"VCID-656h-mks2-6yaw","summary":"Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3525","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00303","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3525"},{"reference_url":"https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948","reference_id":"ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-24T20:14:43Z/"}],"url":"https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3525","reference_id":"CVE-2022-3525","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3525"},{"reference_url":"https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330","reference_id":"ed048e8d-87af-440a-a91f-be1e65a40330","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-24T20:14:43Z/"}],"url":"https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330"},{"reference_url":"https://github.com/advisories/GHSA-cv9g-h8mm-xx5h","reference_id":"GHSA-cv9g-h8mm-xx5h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cv9g-h8mm-xx5h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-3525","GHSA-cv9g-h8mm-xx5h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-656h-mks2-6yaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139958?format=json","vulnerability_id":"VCID-8333-p936-4yen","summary":"Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4978","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00312","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4978"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4978","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4978"},{"reference_url":"https://huntr.dev/bounties/cefd9295-2053-4e6e-a130-7e1f845728f4","reference_id":"cefd9295-2053-4e6e-a130-7e1f845728f4","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:04Z/"}],"url":"https://huntr.dev/bounties/cefd9295-2053-4e6e-a130-7e1f845728f4"},{"reference_url":"https://github.com/librenms/librenms/commit/e4c46a45364cb944b94abf9b83f0558b2c4c2fb7","reference_id":"e4c46a45364cb944b94abf9b83f0558b2c4c2fb7","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:04Z/"}],"url":"https://github.com/librenms/librenms/commit/e4c46a45364cb944b94abf9b83f0558b2c4c2fb7"},{"reference_url":"https://github.com/advisories/GHSA-qjpw-rg56-jh8v","reference_id":"GHSA-qjpw-rg56-jh8v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qjpw-rg56-jh8v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379627?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4978","GHSA-qjpw-rg56-jh8v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8333-p936-4yen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208206?format=json","vulnerability_id":"VCID-8xsz-9mtq-w7ct","summary":"Missing Authorization in librenms/librenms","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0588","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00042","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0588"},{"reference_url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7"},{"reference_url":"https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0588","reference_id":"CVE-2022-0588","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0588"},{"reference_url":"https://github.com/advisories/GHSA-254q-rqmw-vx45","reference_id":"GHSA-254q-rqmw-vx45","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-254q-rqmw-vx45"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19365?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0588","GHSA-254q-rqmw-vx45"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xsz-9mtq-w7ct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133650?format=json","vulnerability_id":"VCID-8ytn-qf7f-yfbf","summary":"SQL Injection in GitHub repository librenms/librenms prior to 23.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5591","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31341","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5591"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5591","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5591"},{"reference_url":"https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090","reference_id":"54813d42-5b93-440e-b9b1-c179d2cbf090","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T17:15:06Z/"}],"url":"https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090"},{"reference_url":"https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e","reference_id":"908aef65967ce6184bdc587fd105660d5d55129e","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T17:15:06Z/"}],"url":"https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e"},{"reference_url":"https://github.com/advisories/GHSA-mr6h-7x2m-rgmq","reference_id":"GHSA-mr6h-7x2m-rgmq","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mr6h-7x2m-rgmq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379107?format=json","purl":"pkg:composer/librenms/librenms@23.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-5591","GHSA-mr6h-7x2m-rgmq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ytn-qf7f-yfbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168777?format=json","vulnerability_id":"VCID-91gw-qj5p-y3ed","summary":"A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to execute arbitrary JavaScript in the context of an admin's account.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4068","reference_id":"","reference_type":"","scores":[{"value":"0.50253","scoring_system":"epss","scoring_elements":"0.97894","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4068"},{"reference_url":"https://github.com/librenms/librenms/commit/09a2977adb8bc4b1db116c725d661160c930d3a1","reference_id":"09a2977adb8bc4b1db116c725d661160c930d3a1","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T18:58:11Z/"}],"url":"https://github.com/librenms/librenms/commit/09a2977adb8bc4b1db116c725d661160c930d3a1"},{"reference_url":"https://huntr.dev/bounties/becfecc4-22a6-4f94-bf83-d6030b625fdc","reference_id":"becfecc4-22a6-4f94-bf83-d6030b625fdc","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T18:58:11Z/"}],"url":"https://huntr.dev/bounties/becfecc4-22a6-4f94-bf83-d6030b625fdc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4068","reference_id":"CVE-2022-4068","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4068"},{"reference_url":"https://github.com/advisories/GHSA-f3hw-3h74-wr98","reference_id":"GHSA-f3hw-3h74-wr98","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f3hw-3h74-wr98"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-4068","GHSA-f3hw-3h74-wr98"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91gw-qj5p-y3ed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/339362?format=json","vulnerability_id":"VCID-92gm-nsf8-d7dt","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31274","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12611","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31274"},{"reference_url":"https://community.librenms.org/t/vulnerability-report-cross-site-scripting-xss-in-the-api-access-page/15431","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://community.librenms.org/t/vulnerability-report-cross-site-scripting-xss-in-the-api-access-page/15431"},{"reference_url":"https://github.com/librenms/librenms/pull/12739","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/12739"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-31274","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-31274"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/382488?format=json","purl":"pkg:composer/librenms/librenms@21.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@21.3.0"}],"aliases":["CVE-2021-31274","GHSA-2r2w-jrh2-p4gr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92gm-nsf8-d7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/291965?format=json","vulnerability_id":"VCID-974m-nykt-aqh3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16759","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00886","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16759"},{"reference_url":"https://blog.librenms.org/2017/08/22/librenms-security-fix-during-the-installation-process","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.librenms.org/2017/08/22/librenms-security-fix-during-the-installation-process"},{"reference_url":"https://github.com/librenms/librenms/commit/7887b2e1c7158204ac69ca43beafce66e4d3a3b4","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/7887b2e1c7158204ac69ca43beafce66e4d3a3b4"},{"reference_url":"https://github.com/librenms/librenms/commit/d3094fa6578b29dc34fb5a7d0bd6deab49ecc911","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/d3094fa6578b29dc34fb5a7d0bd6deab49ecc911"},{"reference_url":"https://github.com/librenms/librenms/pull/7184","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/7184"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16759","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16759"},{"reference_url":"https://github.com/advisories/GHSA-4ccx-wjqp-5fww","reference_id":"GHSA-4ccx-wjqp-5fww","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4ccx-wjqp-5fww"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386450?format=json","purl":"pkg:composer/librenms/librenms@1.31.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.31.0"},{"url":"http://public2.vulnerablecode.io/api/packages/432630?format=json","purl":"pkg:composer/librenms/librenms@1.31","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-5qc1-g4x7-n3fp"},{"vulnerability":"VCID-61va-qddt-rbf2"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cewc-v19g-yqf6"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-qc4w-r2jh-a7hx"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-sp7z-xykf-e7ce"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-veyg-29sb-x7cs"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zbz2-hwqc-6ye4"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.31"}],"aliases":["CVE-2017-16759","GHSA-4ccx-wjqp-5fww"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-974m-nykt-aqh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208303?format=json","vulnerability_id":"VCID-98wd-pvht-nqfu","summary":"Cross site scripting in LibreNMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0772","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03913","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0772"},{"reference_url":"https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281"},{"reference_url":"https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0772","reference_id":"CVE-2022-0772","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0772"},{"reference_url":"https://github.com/advisories/GHSA-vhm6-gw82-6f8j","reference_id":"GHSA-vhm6-gw82-6f8j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vhm6-gw82-6f8j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19526?format=json","purl":"pkg:composer/librenms/librenms@22.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0772","GHSA-vhm6-gw82-6f8j"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-98wd-pvht-nqfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/168813?format=json","vulnerability_id":"VCID-9zy9-ue2n-87b4","summary":"Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4069","reference_id":"","reference_type":"","scores":[{"value":"0.63094","scoring_system":"epss","scoring_elements":"0.98421","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4069"},{"reference_url":"https://github.com/librenms/librenms/commit/8383376f1355812e09ec0c2af67f6d46891b7ba7","reference_id":"8383376f1355812e09ec0c2af67f6d46891b7ba7","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T20:10:44Z/"}],"url":"https://github.com/librenms/librenms/commit/8383376f1355812e09ec0c2af67f6d46891b7ba7"},{"reference_url":"https://huntr.dev/bounties/a9925d98-dac4-4c3c-835a-d93aeecfb2c5","reference_id":"a9925d98-dac4-4c3c-835a-d93aeecfb2c5","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-24T20:10:44Z/"}],"url":"https://huntr.dev/bounties/a9925d98-dac4-4c3c-835a-d93aeecfb2c5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4069","reference_id":"CVE-2022-4069","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4069"},{"reference_url":"https://github.com/advisories/GHSA-p55m-g4m3-qmrp","reference_id":"GHSA-p55m-g4m3-qmrp","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p55m-g4m3-qmrp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-4069","GHSA-p55m-g4m3-qmrp"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9zy9-ue2n-87b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91045?format=json","vulnerability_id":"VCID-ae82-tsr6-c3cw","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a reflected cross-site scripting (XSS) vulnerability was identified in the LibreNMS application at the /maps/nodeimage endpoint. The Image Name parameter is reflected in the HTTP response without proper output encoding or sanitization, allowing an attacker to craft a URL that, when visited by a victim, causes arbitrary JavaScript execution in the victim’s browser. This issue has been patched in version 25.11.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65013","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00031","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65013"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-65013","reference_id":"CVE-2025-65013","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-65013"},{"reference_url":"https://github.com/advisories/GHSA-j8cq-7f6p-256x","reference_id":"GHSA-j8cq-7f6p-256x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j8cq-7f6p-256x"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-j8cq-7f6p-256x","reference_id":"GHSA-j8cq-7f6p-256x","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:46:48Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-j8cq-7f6p-256x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/35293?format=json","purl":"pkg:composer/librenms/librenms@25.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.11.0"}],"aliases":["CVE-2025-65013","GHSA-j8cq-7f6p-256x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ae82-tsr6-c3cw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210718?format=json","vulnerability_id":"VCID-bgm3-4nkb-c3bs","summary":"Command injection in librenms","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29712","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05883","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29712"},{"reference_url":"https://github.com/librenms/librenms/commit/8b82341cb742e7bd4966964b399012f7ba017e0b","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/8b82341cb742e7bd4966964b399012f7ba017e0b"},{"reference_url":"https://github.com/librenms/librenms/pull/13932","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/13932"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29712","reference_id":"CVE-2022-29712","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29712"},{"reference_url":"https://github.com/advisories/GHSA-23f2-vgr6-fwv7","reference_id":"GHSA-23f2-vgr6-fwv7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-23f2-vgr6-fwv7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/24423?format=json","purl":"pkg:composer/librenms/librenms@22.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.4.0"}],"aliases":["CVE-2022-29712","GHSA-23f2-vgr6-fwv7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgm3-4nkb-c3bs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56944?format=json","vulnerability_id":"VCID-byb9-nnem-5bdu","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside the name of the device Display Name, its can be trigger from different sources. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50355","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24695","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50355"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50355","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50355"},{"reference_url":"https://github.com/librenms/librenms/commit/bb4731419b592867bf974dde525e536606a52976","reference_id":"bb4731419b592867bf974dde525e536606a52976","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:05:39Z/"}],"url":"https://github.com/librenms/librenms/commit/bb4731419b592867bf974dde525e536606a52976"},{"reference_url":"https://github.com/advisories/GHSA-4m5r-w2rq-q54q","reference_id":"GHSA-4m5r-w2rq-q54q","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4m5r-w2rq-q54q"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-4m5r-w2rq-q54q","reference_id":"GHSA-4m5r-w2rq-q54q","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:05:39Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-4m5r-w2rq-q54q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-50355","GHSA-4m5r-w2rq-q54q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-byb9-nnem-5bdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35541?format=json","vulnerability_id":"VCID-c5qg-fsdx-w7eg","summary":"LibreNMS before 24.10.0 allows a remote attacker to execute arbitrary code via OS command injection involving AboutController.php's index(), SettingsController.php's update(), and PollDevice.php's initRrdDirectory().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51092","reference_id":"","reference_type":"","scores":[{"value":"0.44112","scoring_system":"epss","scoring_elements":"0.97626","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51092"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51092","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51092"},{"reference_url":"https://github.com/advisories/GHSA-x645-6pf9-xwxw","reference_id":"GHSA-x645-6pf9-xwxw","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-x645-6pf9-xwxw"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-x645-6pf9-xwxw","reference_id":"GHSA-x645-6pf9-xwxw","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:10:38Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-x645-6pf9-xwxw"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb","reference_id":"librenms_authenticated_rce_cve_2024_51092.rb","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:10:38Z/"}],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/librenms_authenticated_rce_cve_2024_51092.rb"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-51092","GHSA-x645-6pf9-xwxw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c5qg-fsdx-w7eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70900?format=json","vulnerability_id":"VCID-cc1u-4ca7-v7he","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. In versions 26.1.1 and below, the device group name is not sanitized, allowing attackers with admin privileges to perform Stored Cross-Site Scripting (XSS) attacks. When a user adds a device group, an HTTP POST request is sent to the Request-URI \"/device-groups\". The name of the newly created device group is stored in the value of the name parameter. After the device group is created, the entry is displayed along with relevant buttons such as Rediscover Devices, Edit, and Delete. This issue has been fixed in version 26.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26991","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00194","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26991"},{"reference_url":"https://github.com/librenms/librenms/pull/19041","reference_id":"19041","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T16:32:06Z/"}],"url":"https://github.com/librenms/librenms/pull/19041"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/26.2.0","reference_id":"26.2.0","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T16:32:06Z/"}],"url":"https://github.com/librenms/librenms/releases/tag/26.2.0"},{"reference_url":"https://github.com/librenms/librenms/commit/64b31da444369213eb4559ec1c304ebfaa0ba12c","reference_id":"64b31da444369213eb4559ec1c304ebfaa0ba12c","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T16:32:06Z/"}],"url":"https://github.com/librenms/librenms/commit/64b31da444369213eb4559ec1c304ebfaa0ba12c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26991","reference_id":"CVE-2026-26991","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26991"},{"reference_url":"https://github.com/advisories/GHSA-5pqf-54qp-32wx","reference_id":"GHSA-5pqf-54qp-32wx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5pqf-54qp-32wx"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-5pqf-54qp-32wx","reference_id":"GHSA-5pqf-54qp-32wx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T16:32:06Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-5pqf-54qp-32wx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39372?format=json","purl":"pkg:composer/librenms/librenms@26.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-mb8k-971z-myd1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@26.2.0"}],"aliases":["CVE-2026-26991","GHSA-5pqf-54qp-32wx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cc1u-4ca7-v7he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309659?format=json","vulnerability_id":"VCID-cewc-v19g-yqf6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10665","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00232","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10665"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10665","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10665"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-rrdtool-injection-vulnerability-xl-19-023","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-rrdtool-injection-vulnerability-xl-19-023"},{"reference_url":"https://github.com/advisories/GHSA-q5rg-wg7h-73m5","reference_id":"GHSA-q5rg-wg7h-73m5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q5rg-wg7h-73m5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/437965?format=json","purl":"pkg:composer/librenms/librenms@1.48","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-5qc1-g4x7-n3fp"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-qc4w-r2jh-a7hx"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-sp7z-xykf-e7ce"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.48"}],"aliases":["CVE-2019-10665","GHSA-q5rg-wg7h-73m5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cewc-v19g-yqf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70911?format=json","vulnerability_id":"VCID-cmqg-e3da-r7cf","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are vulnerable to  Reflected XSS attacks via email field. This issue has been fixed in version 26.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26987","reference_id":"","reference_type":"","scores":[{"value":"1e-05","scoring_system":"epss","scoring_elements":"6e-05","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26987"},{"reference_url":"https://github.com/librenms/librenms/pull/19038","reference_id":"19038","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:42Z/"}],"url":"https://github.com/librenms/librenms/pull/19038"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/26.2.0","reference_id":"26.2.0","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:42Z/"}],"url":"https://github.com/librenms/librenms/releases/tag/26.2.0"},{"reference_url":"https://github.com/librenms/librenms/commit/8e626b38ef92e240532cdac2ac7e38706a71208b","reference_id":"8e626b38ef92e240532cdac2ac7e38706a71208b","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:42Z/"}],"url":"https://github.com/librenms/librenms/commit/8e626b38ef92e240532cdac2ac7e38706a71208b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26987","reference_id":"CVE-2026-26987","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26987"},{"reference_url":"https://github.com/advisories/GHSA-gqx7-99jw-6fpr","reference_id":"GHSA-gqx7-99jw-6fpr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gqx7-99jw-6fpr"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-gqx7-99jw-6fpr","reference_id":"GHSA-gqx7-99jw-6fpr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:42Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-gqx7-99jw-6fpr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39372?format=json","purl":"pkg:composer/librenms/librenms@26.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-mb8k-971z-myd1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@26.2.0"}],"aliases":["CVE-2026-26987","GHSA-gqx7-99jw-6fpr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmqg-e3da-r7cf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/121735?format=json","vulnerability_id":"VCID-cntm-etf9-kkbv","summary":"librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting (XSS) vulnerability exists in LibreNMS (<= 25.6.0) in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template is rendered, potentially compromising other admin accounts. This vulnerability is fixed in 25.8.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55296","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0455","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55296"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55296","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55296"},{"reference_url":"https://github.com/librenms/librenms/commit/8ade3d827d317f5ac4b336617aafff865f825958","reference_id":"8ade3d827d317f5ac4b336617aafff865f825958","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-18T17:37:45Z/"}],"url":"https://github.com/librenms/librenms/commit/8ade3d827d317f5ac4b336617aafff865f825958"},{"reference_url":"https://github.com/advisories/GHSA-vxq6-8cwm-wj99","reference_id":"GHSA-vxq6-8cwm-wj99","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vxq6-8cwm-wj99"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-vxq6-8cwm-wj99","reference_id":"GHSA-vxq6-8cwm-wj99","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-18T17:37:45Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-vxq6-8cwm-wj99"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34555?format=json","purl":"pkg:composer/librenms/librenms@25.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2025-55296","GHSA-vxq6-8cwm-wj99"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cntm-etf9-kkbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53120?format=json","vulnerability_id":"VCID-dgdu-jnbz-2qbe","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to version 24.4.0, there is improper sanitization on the `Service` template name, which can lead to stored Cross-site Scripting. Version 24.4.0 fixes this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32479","reference_id":"","reference_type":"","scores":[{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.6731","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32479"},{"reference_url":"https://github.com/librenms/librenms/commit/19344f0584d4d6d4526fdf331adc60530e3f685b","reference_id":"19344f0584d4d6d4526fdf331adc60530e3f685b","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:22:50Z/"}],"url":"https://github.com/librenms/librenms/commit/19344f0584d4d6d4526fdf331adc60530e3f685b"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32479","reference_id":"CVE-2024-32479","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32479"},{"reference_url":"https://github.com/advisories/GHSA-72m9-7c8x-pmmw","reference_id":"GHSA-72m9-7c8x-pmmw","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-72m9-7c8x-pmmw"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-72m9-7c8x-pmmw","reference_id":"GHSA-72m9-7c8x-pmmw","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:22:50Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-72m9-7c8x-pmmw"},{"reference_url":"https://github.com/librenms/librenms/blob/a61c11db7e8ef6a437ab55741658be2be7d14d34/app/Http/Controllers/ServiceTemplateController.php#L67C23-L67C23","reference_id":"ServiceTemplateController.php#L67C23-L67C23","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T00:22:50Z/"}],"url":"https://github.com/librenms/librenms/blob/a61c11db7e8ef6a437ab55741658be2be7d14d34/app/Http/Controllers/ServiceTemplateController.php#L67C23-L67C23"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/30707?format=json","purl":"pkg:composer/librenms/librenms@24.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.4.0"}],"aliases":["CVE-2024-32479","GHSA-72m9-7c8x-pmmw"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgdu-jnbz-2qbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/132605?format=json","vulnerability_id":"VCID-dku9-fked-fueu","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user accounts. This issue has been addressed in version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46745","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00778","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46745"},{"reference_url":"https://github.com/librenms/librenms/commit/7c006e96251ae1d32e1a015b361a7bfbb815c028","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/7c006e96251ae1d32e1a015b361a7bfbb815c028"},{"reference_url":"https://github.com/librenms/librenms/pull/15558","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/15558"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/23.11.0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/releases/tag/23.11.0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46745","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46745"},{"reference_url":"https://github.com/advisories/GHSA-rq42-58qf-v3qx","reference_id":"GHSA-rq42-58qf-v3qx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rq42-58qf-v3qx"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx","reference_id":"GHSA-rq42-58qf-v3qx","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-29T14:08:45Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381058?format=json","purl":"pkg:composer/librenms/librenms@23.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-46745","GHSA-rq42-58qf-v3qx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dku9-fked-fueu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38490?format=json","vulnerability_id":"VCID-dmsz-ct8c-zuf9","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49758","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22367","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49758"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49758","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49758"},{"reference_url":"https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8","reference_id":"24b142d753898e273ec20b542a27dd6eb530c7d8","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T18:51:55Z/"}],"url":"https://github.com/librenms/librenms/commit/24b142d753898e273ec20b542a27dd6eb530c7d8"},{"reference_url":"https://github.com/advisories/GHSA-c86q-rj37-8f85","reference_id":"GHSA-c86q-rj37-8f85","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-c86q-rj37-8f85"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85","reference_id":"GHSA-c86q-rj37-8f85","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T18:51:55Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-c86q-rj37-8f85"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-49758","GHSA-c86q-rj37-8f85"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmsz-ct8c-zuf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140066?format=json","vulnerability_id":"VCID-ek4h-m8w9-t7bp","summary":"Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4981","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.16005","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4981"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4981","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4981"},{"reference_url":"https://github.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7","reference_id":"03c4da62c8acde0a82acbb4a445ae866ebfdd3f7","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:46Z/"}],"url":"https://github.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7"},{"reference_url":"https://huntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609","reference_id":"1f014494-49a9-4bf0-8d43-a675498b9609","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:46Z/"}],"url":"https://huntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609"},{"reference_url":"https://github.com/advisories/GHSA-5jjm-qp48-qp86","reference_id":"GHSA-5jjm-qp48-qp86","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5jjm-qp48-qp86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379627?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4981","GHSA-5jjm-qp48-qp86"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ek4h-m8w9-t7bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56675?format=json","vulnerability_id":"VCID-eq4t-1cwx-zfh5","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the \"section\" parameter of the \"logs\" tab of a device allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious \"section\" parameter, potentially compromising their session and enabling unauthorized actions. The issue arises from a lack of sanitization in the \"report_this()\" function. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50351","reference_id":"","reference_type":"","scores":[{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.78116","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50351"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50351","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50351"},{"reference_url":"https://github.com/librenms/librenms/commit/6a14a9bd767c6e452e4df77a24126c3eeb93dcbf","reference_id":"6a14a9bd767c6e452e4df77a24126c3eeb93dcbf","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T17:19:51Z/"}],"url":"https://github.com/librenms/librenms/commit/6a14a9bd767c6e452e4df77a24126c3eeb93dcbf"},{"reference_url":"https://github.com/advisories/GHSA-v7w9-63xh-6r3w","reference_id":"GHSA-v7w9-63xh-6r3w","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v7w9-63xh-6r3w"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-v7w9-63xh-6r3w","reference_id":"GHSA-v7w9-63xh-6r3w","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T17:19:51Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-v7w9-63xh-6r3w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-50351","GHSA-v7w9-63xh-6r3w"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eq4t-1cwx-zfh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38540?format=json","vulnerability_id":"VCID-eyv3-xp88-t7en","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the API-Access page allows authenticated users to inject arbitrary JavaScript through the \"token\" parameter when creating a new API token. This vulnerability can result in the execution of malicious code in the context of other users' sessions, compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49754","reference_id":"","reference_type":"","scores":[{"value":"0.11981","scoring_system":"epss","scoring_elements":"0.9393","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49754"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49754","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49754"},{"reference_url":"https://github.com/librenms/librenms/commit/25988a937cbaebd2ba4c0517510206c404dfb359","reference_id":"25988a937cbaebd2ba4c0517510206c404dfb359","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T18:53:36Z/"}],"url":"https://github.com/librenms/librenms/commit/25988a937cbaebd2ba4c0517510206c404dfb359"},{"reference_url":"https://github.com/advisories/GHSA-gfwr-xqmj-j27v","reference_id":"GHSA-gfwr-xqmj-j27v","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gfwr-xqmj-j27v"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-gfwr-xqmj-j27v","reference_id":"GHSA-gfwr-xqmj-j27v","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T18:53:36Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-gfwr-xqmj-j27v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-49754","GHSA-gfwr-xqmj-j27v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyv3-xp88-t7en"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93084?format=json","vulnerability_id":"VCID-g8zs-nkxb-hyc4","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.12.0, the Alert Rule API is vulnerable to stored cross-site scripting. Alert rules can be created or updated via LibreNMS API. The alert rule name is not properly sanitized, and can be used to inject HTML code. This issue has been patched in version 25.12.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68614","reference_id":"","reference_type":"","scores":[{"value":"1e-05","scoring_system":"epss","scoring_elements":"0.00012","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68614"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68614","reference_id":"CVE-2025-68614","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68614"},{"reference_url":"https://github.com/librenms/librenms/commit/ebe6c79bf4ce0afeb575c1285afe3934e44001f1","reference_id":"ebe6c79bf4ce0afeb575c1285afe3934e44001f1","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-22T23:55:04Z/"}],"url":"https://github.com/librenms/librenms/commit/ebe6c79bf4ce0afeb575c1285afe3934e44001f1"},{"reference_url":"https://github.com/advisories/GHSA-c89f-8g7g-59wj","reference_id":"GHSA-c89f-8g7g-59wj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c89f-8g7g-59wj"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-c89f-8g7g-59wj","reference_id":"GHSA-c89f-8g7g-59wj","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-22T23:55:04Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-c89f-8g7g-59wj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36351?format=json","purl":"pkg:composer/librenms/librenms@25.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-wjhn-5pcd-77cv"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.12.0"}],"aliases":["CVE-2025-68614","GHSA-c89f-8g7g-59wj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8zs-nkxb-hyc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57802?format=json","vulnerability_id":"VCID-gnfs-vu51-cbda","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the \"Alert Templates\" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not persist after a page refresh.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47526","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34234","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47526"},{"reference_url":"https://github.com/librenms/librenms/blob/0e741e365aa974a74aee6b43d1b4b759158a5c7e/includes/html/modal/alert_template.inc.php#L205","reference_id":"alert_template.inc.php#L205","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:02:06Z/"}],"url":"https://github.com/librenms/librenms/blob/0e741e365aa974a74aee6b43d1b4b759158a5c7e/includes/html/modal/alert_template.inc.php#L205"},{"reference_url":"https://github.com/librenms/librenms/blob/0e741e365aa974a74aee6b43d1b4b759158a5c7e/includes/html/forms/alert-templates.inc.php#L40","reference_id":"alert-templates.inc.php#L40","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:02:06Z/"}],"url":"https://github.com/librenms/librenms/blob/0e741e365aa974a74aee6b43d1b4b759158a5c7e/includes/html/forms/alert-templates.inc.php#L40"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47526","reference_id":"CVE-2024-47526","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47526"},{"reference_url":"https://github.com/librenms/librenms/commit/f259edc19b9f0ccca484c60b1ba70a0bfff97ef5","reference_id":"f259edc19b9f0ccca484c60b1ba70a0bfff97ef5","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:02:06Z/"}],"url":"https://github.com/librenms/librenms/commit/f259edc19b9f0ccca484c60b1ba70a0bfff97ef5"},{"reference_url":"https://github.com/advisories/GHSA-gcgp-q2jq-fw52","reference_id":"GHSA-gcgp-q2jq-fw52","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gcgp-q2jq-fw52"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-gcgp-q2jq-fw52","reference_id":"GHSA-gcgp-q2jq-fw52","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:02:06Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-gcgp-q2jq-fw52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33584?format=json","purl":"pkg:composer/librenms/librenms@24.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-zhac-9svg-4fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.9.0"}],"aliases":["CVE-2024-47526","GHSA-gcgp-q2jq-fw52"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gnfs-vu51-cbda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58037?format=json","vulnerability_id":"VCID-gppp-bfnm-7ba6","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Alert Transports\" feature allows authenticated users to inject arbitrary JavaScript through the \"Details\" section (which contains multiple fields depending on which transport is selected at that moment). This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions. This vulnerability is fixed in 24.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47523","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59881","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47523"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47523","reference_id":"CVE-2024-47523","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47523"},{"reference_url":"https://github.com/librenms/librenms/commit/ee1afba003d33667981e098c83295f599d88439c","reference_id":"ee1afba003d33667981e098c83295f599d88439c","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T12:57:21Z/"}],"url":"https://github.com/librenms/librenms/commit/ee1afba003d33667981e098c83295f599d88439c"},{"reference_url":"https://github.com/advisories/GHSA-7f84-28qh-9486","reference_id":"GHSA-7f84-28qh-9486","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7f84-28qh-9486"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-7f84-28qh-9486","reference_id":"GHSA-7f84-28qh-9486","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T12:57:21Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-7f84-28qh-9486"},{"reference_url":"https://github.com/librenms/librenms/blob/4777247327c793ed0a3306d0464b95176008177b/includes/html/print-alert-transports.php#L40","reference_id":"print-alert-transports.php#L40","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T12:57:21Z/"}],"url":"https://github.com/librenms/librenms/blob/4777247327c793ed0a3306d0464b95176008177b/includes/html/print-alert-transports.php#L40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33584?format=json","purl":"pkg:composer/librenms/librenms@24.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-zhac-9svg-4fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.9.0"}],"aliases":["CVE-2024-47523","GHSA-7f84-28qh-9486"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gppp-bfnm-7ba6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133316?format=json","vulnerability_id":"VCID-gzvy-qsmz-a7ca","summary":"Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5060","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00176","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5060"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5060","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5060"},{"reference_url":"https://huntr.dev/bounties/01b0917d-f92f-4903-9eca-bcfc46e847e3","reference_id":"01b0917d-f92f-4903-9eca-bcfc46e847e3","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T14:21:40Z/"}],"url":"https://huntr.dev/bounties/01b0917d-f92f-4903-9eca-bcfc46e847e3"},{"reference_url":"https://github.com/librenms/librenms/commit/8fd8d9b06a11060de5dc69588a1a83594a7e6f72","reference_id":"8fd8d9b06a11060de5dc69588a1a83594a7e6f72","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T14:21:40Z/"}],"url":"https://github.com/librenms/librenms/commit/8fd8d9b06a11060de5dc69588a1a83594a7e6f72"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379821?format=json","purl":"pkg:composer/librenms/librenms@23.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-5060","GHSA-2q8c-gqf4-mg3v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzvy-qsmz-a7ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174980?format=json","vulnerability_id":"VCID-hhhz-1bd6-3bfy","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3516","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00602","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3516"},{"reference_url":"https://huntr.dev/bounties/734bb5eb-715c-4b64-bd33-280300a63748","reference_id":"734bb5eb-715c-4b64-bd33-280300a63748","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:37:55Z/"}],"url":"https://huntr.dev/bounties/734bb5eb-715c-4b64-bd33-280300a63748"},{"reference_url":"https://github.com/librenms/librenms/commit/8e85698aa3aa4884c2f3d6c987542477eb64f07c","reference_id":"8e85698aa3aa4884c2f3d6c987542477eb64f07c","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-25T20:37:55Z/"}],"url":"https://github.com/librenms/librenms/commit/8e85698aa3aa4884c2f3d6c987542477eb64f07c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3516","reference_id":"CVE-2022-3516","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3516"},{"reference_url":"https://github.com/advisories/GHSA-r4gq-hv2r-mrf5","reference_id":"GHSA-r4gq-hv2r-mrf5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r4gq-hv2r-mrf5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-3516","GHSA-r4gq-hv2r-mrf5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhhz-1bd6-3bfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/323153?format=json","vulnerability_id":"VCID-j176-ekvg-3ufv","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15873","reference_id":"","reference_type":"","scores":[{"value":"0.01965","scoring_system":"epss","scoring_elements":"0.83906","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15873"},{"reference_url":"https://community.librenms.org/c/announcements","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://community.librenms.org/c/announcements"},{"reference_url":"https://github.com/librenms/librenms/commit/8f3a29cde5bbd8608f9b42923a7d7e2598bcac4e","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/8f3a29cde5bbd8608f9b42923a7d7e2598bcac4e"},{"reference_url":"https://github.com/librenms/librenms/compare/1.65...1.65.1","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/compare/1.65...1.65.1"},{"reference_url":"https://github.com/librenms/librenms/pull/11923","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/11923"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15873","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15873"},{"reference_url":"https://research.loginsoft.com/bugs/blind-sql-injection-in-librenms","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://research.loginsoft.com/bugs/blind-sql-injection-in-librenms"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/382641?format=json","purl":"pkg:composer/librenms/librenms@1.65.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.65.1"}],"aliases":["CVE-2020-15873","GHSA-g5r6-vrmx-9gwj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j176-ekvg-3ufv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/344681?format=json","vulnerability_id":"VCID-ja3k-pqg6-cuct","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43324","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.0011","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43324"},{"reference_url":"https://github.com/librenms/librenms/commit/99d2462b80435b91a35236639b909eebee432126","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/99d2462b80435b91a35236639b909eebee432126"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43324","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43324"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18180?format=json","purl":"pkg:composer/librenms/librenms@21.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-n9g7-5ahp-9qh6"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-t5mg-4z98-57au"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-vrsm-hwju-hbhk"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@21.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2021-43324","GHSA-46rx-6jg9-4fh8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ja3k-pqg6-cuct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70766?format=json","vulnerability_id":"VCID-js2a-whr7-dufs","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Alert Rules workflow. An attacker with administrative privileges can inject malicious scripts that execute in the browser context of any user who accesses the Alert Rules page. This issue has been fixed in version 26.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26989","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00137","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26989"},{"reference_url":"https://github.com/librenms/librenms/commit/087608cf9f851189847cb8e8e5ad002e59170c58","reference_id":"087608cf9f851189847cb8e8e5ad002e59170c58","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:26:36Z/"}],"url":"https://github.com/librenms/librenms/commit/087608cf9f851189847cb8e8e5ad002e59170c58"},{"reference_url":"https://github.com/librenms/librenms/pull/19039","reference_id":"19039","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:26:36Z/"}],"url":"https://github.com/librenms/librenms/pull/19039"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/26.2.0","reference_id":"26.2.0","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:26:36Z/"}],"url":"https://github.com/librenms/librenms/releases/tag/26.2.0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26989","reference_id":"CVE-2026-26989","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26989"},{"reference_url":"https://github.com/advisories/GHSA-6xmx-xr9p-58p7","reference_id":"GHSA-6xmx-xr9p-58p7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6xmx-xr9p-58p7"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-6xmx-xr9p-58p7","reference_id":"GHSA-6xmx-xr9p-58p7","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:26:36Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-6xmx-xr9p-58p7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39372?format=json","purl":"pkg:composer/librenms/librenms@26.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-mb8k-971z-myd1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@26.2.0"}],"aliases":["CVE-2026-26989","GHSA-6xmx-xr9p-58p7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js2a-whr7-dufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208154?format=json","vulnerability_id":"VCID-k3tp-p2ay-5bf3","summary":"Cross-site Scripting in librenms","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0575","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07968","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0575"},{"reference_url":"https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54"},{"reference_url":"https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0575","reference_id":"CVE-2022-0575","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0575"},{"reference_url":"https://github.com/advisories/GHSA-hxmr-5gv9-6p8v","reference_id":"GHSA-hxmr-5gv9-6p8v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hxmr-5gv9-6p8v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19365?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0575","GHSA-hxmr-5gv9-6p8v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3tp-p2ay-5bf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102213?format=json","vulnerability_id":"VCID-k3xn-xjwb-a3en","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to 25.7.0, there is a reflected-XSS in `report_this` function in `librenms/includes/functions.php`. The `report_this` function had improper filtering (`htmlentities` function was incorrectly use in a href environment), which caused the `project_issues` parameter to trigger an XSS vulnerability. This vulnerability is fixed in 25.7.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62365","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00048","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62365"},{"reference_url":"https://github.com/librenms/librenms/commit/30d3dd7e5f5e22a8c23c9db3ad90a731c005b008","reference_id":"30d3dd7e5f5e22a8c23c9db3ad90a731c005b008","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T15:16:34Z/"}],"url":"https://github.com/librenms/librenms/commit/30d3dd7e5f5e22a8c23c9db3ad90a731c005b008"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62365","reference_id":"CVE-2025-62365","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62365"},{"reference_url":"https://github.com/advisories/GHSA-86rg-8hc8-v82p","reference_id":"GHSA-86rg-8hc8-v82p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-86rg-8hc8-v82p"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-86rg-8hc8-v82p","reference_id":"GHSA-86rg-8hc8-v82p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T15:16:34Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-86rg-8hc8-v82p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34210?format=json","purl":"pkg:composer/librenms/librenms@25.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.7.0"}],"aliases":["CVE-2025-62365","GHSA-86rg-8hc8-v82p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3xn-xjwb-a3en"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70883?format=json","vulnerability_id":"VCID-k5z7-q82d-tue6","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below contain an SQL Injection vulnerability in the ajax_table.php endpoint. The application fails to properly sanitize or parameterize user input when processing IPv6 address searches. Specifically, the address parameter is split into an address and a prefix, and the prefix portion is directly concatenated into the SQL query string without validation. This allows an attacker to inject arbitrary SQL commands, potentially leading to unauthorized data access or database manipulation. This issue has been fixed in version 26.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26988","reference_id":"","reference_type":"","scores":[{"value":"1e-05","scoring_system":"epss","scoring_elements":"4e-05","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26988"},{"reference_url":"https://github.com/librenms/librenms/commit/15429580baba03ed1dd377bada1bde4b7a1175a1","reference_id":"15429580baba03ed1dd377bada1bde4b7a1175a1","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:39Z/"}],"url":"https://github.com/librenms/librenms/commit/15429580baba03ed1dd377bada1bde4b7a1175a1"},{"reference_url":"https://github.com/librenms/librenms/pull/18777","reference_id":"18777","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:39Z/"}],"url":"https://github.com/librenms/librenms/pull/18777"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26988","reference_id":"CVE-2026-26988","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26988"},{"reference_url":"https://github.com/advisories/GHSA-h3rv-q4rq-pqcv","reference_id":"GHSA-h3rv-q4rq-pqcv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h3rv-q4rq-pqcv"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-h3rv-q4rq-pqcv","reference_id":"GHSA-h3rv-q4rq-pqcv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:31:39Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-h3rv-q4rq-pqcv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39372?format=json","purl":"pkg:composer/librenms/librenms@26.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-mb8k-971z-myd1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@26.2.0"}],"aliases":["CVE-2026-26988","GHSA-h3rv-q4rq-pqcv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5z7-q82d-tue6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204153?format=json","vulnerability_id":"VCID-kj8w-8fft-m3em","summary":"SQL Injection in LibreNMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12465","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00367","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12465"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-sql-injection-vulnerability-xl-19-024","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-sql-injection-vulnerability-xl-19-024"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-sql-injection-vulnerability-xl-19-024/","reference_id":"","reference_type":"","scores":[],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-sql-injection-vulnerability-xl-19-024/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12465","reference_id":"CVE-2019-12465","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12465"},{"reference_url":"https://github.com/advisories/GHSA-878x-85hc-gc4g","reference_id":"GHSA-878x-85hc-gc4g","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-878x-85hc-gc4g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15650?format=json","purl":"pkg:composer/librenms/librenms@1.53.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.53.0"},{"url":"http://public2.vulnerablecode.io/api/packages/448361?format=json","purl":"pkg:composer/librenms/librenms@1.53","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.53"}],"aliases":["CVE-2019-12465","GHSA-878x-85hc-gc4g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kj8w-8fft-m3em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88264?format=json","vulnerability_id":"VCID-kmqh-r237-a7gu","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. LibreNMS versions 25.6.0 and below contain an architectural vulnerability in the ajax_form.php endpoint that permits Remote File Inclusion based on user-controlled POST input. The application directly uses the type parameter to dynamically include .inc.php files from the trusted path includes/html/forms/, without validation or allowlisting. This pattern introduces a latent Remote Code Execution (RCE) vector if an attacker can stage a file in this include path — for example, via symlink, development misconfiguration, or chained vulnerabilities. This is fixed in version 25.7.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54138","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22496","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-54138"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54138","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-54138"},{"reference_url":"https://github.com/librenms/librenms/pull/17990","reference_id":"17990","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T18:26:36Z/"}],"url":"https://github.com/librenms/librenms/pull/17990"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/25.7.0","reference_id":"25.7.0","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T18:26:36Z/"}],"url":"https://github.com/librenms/librenms/releases/tag/25.7.0"},{"reference_url":"https://github.com/librenms/librenms/commit/ec89714d929ef0cf2321957ed9198b0f18396c81","reference_id":"ec89714d929ef0cf2321957ed9198b0f18396c81","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T18:26:36Z/"}],"url":"https://github.com/librenms/librenms/commit/ec89714d929ef0cf2321957ed9198b0f18396c81"},{"reference_url":"https://github.com/advisories/GHSA-gq96-8w38-hhj2","reference_id":"GHSA-gq96-8w38-hhj2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gq96-8w38-hhj2"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-gq96-8w38-hhj2","reference_id":"GHSA-gq96-8w38-hhj2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T18:26:36Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-gq96-8w38-hhj2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34210?format=json","purl":"pkg:composer/librenms/librenms@25.7.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.7.0"}],"aliases":["CVE-2025-54138","GHSA-gq96-8w38-hhj2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmqh-r237-a7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357202?format=json","vulnerability_id":"VCID-kujx-pwg2-9kfx","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48294","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0692","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48294"},{"reference_url":"https://github.com/librenms/librenms/blob/fa93034edd40c130c2ff00667ca2498d84be6e69/html/graph.php#L19C1-L25C2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/blob/fa93034edd40c130c2ff00667ca2498d84be6e69/html/graph.php#L19C1-L25C2"},{"reference_url":"https://github.com/librenms/librenms/commit/489978a923ed52aa243d3419889ca298a8a6a7cf","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/489978a923ed52aa243d3419889ca298a8a6a7cf"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-fpq5-4vwm-78x4","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-fpq5-4vwm-78x4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48294","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48294"},{"reference_url":"https://github.com/advisories/GHSA-fpq5-4vwm-78x4","reference_id":"GHSA-fpq5-4vwm-78x4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fpq5-4vwm-78x4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381058?format=json","purl":"pkg:composer/librenms/librenms@23.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-48294","GHSA-fpq5-4vwm-78x4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kujx-pwg2-9kfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/359973?format=json","vulnerability_id":"VCID-mb8k-971z-myd1","summary":"Duplicate Advisory: LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File Write\n## Duplicate Advisory\n\nThis advisory has been withdrawn because it is a duplicate of GHSA-pr3g-phhr-h8fh. This link is maintained to preserve external references.\n\n## Original Description\nLibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server.","references":[{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6204","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6204"},{"reference_url":"https://github.com/advisories/GHSA-7549-ggpq-22w8","reference_id":"GHSA-7549-ggpq-22w8","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7549-ggpq-22w8"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-pr3g-phhr-h8fh","reference_id":"GHSA-pr3g-phhr-h8fh","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-pr3g-phhr-h8fh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40935?format=json","purl":"pkg:composer/librenms/librenms@26.3.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@26.3.0"}],"aliases":["GHSA-7549-ggpq-22w8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mb8k-971z-myd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57737?format=json","vulnerability_id":"VCID-mj4h-397a-nqbz","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Groups name, when user see the detail of the Device Group, if java script code is inside the name of the Device Groups, its will be trigger. This vulnerability is fixed in 24.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47524","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1348","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47524"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47524","reference_id":"CVE-2024-47524","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47524"},{"reference_url":"https://github.com/librenms/librenms/commit/d3b51560a8e2343e520d16e9adc72c6951aa91ee","reference_id":"d3b51560a8e2343e520d16e9adc72c6951aa91ee","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-02T12:58:50Z/"}],"url":"https://github.com/librenms/librenms/commit/d3b51560a8e2343e520d16e9adc72c6951aa91ee"},{"reference_url":"https://github.com/advisories/GHSA-fc38-2254-48g7","reference_id":"GHSA-fc38-2254-48g7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fc38-2254-48g7"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-fc38-2254-48g7","reference_id":"GHSA-fc38-2254-48g7","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-02T12:58:50Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-fc38-2254-48g7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33584?format=json","purl":"pkg:composer/librenms/librenms@24.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-zhac-9svg-4fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.9.0"}],"aliases":["CVE-2024-47524","GHSA-fc38-2254-48g7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mj4h-397a-nqbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91558?format=json","vulnerability_id":"VCID-nexf-h4db-vkh5","summary":"librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to Cross-site Scripting (XSS) on the parameters:`/addhost` -> param: community. Librenms versions up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with the page displaying the data, the malicious script executes immediately, leading to potential unauthorized actions or data exposure. This issue has been addressed in release version 24.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23201","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1049","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23201"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23201","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23201"},{"reference_url":"https://github.com/advisories/GHSA-g84x-g96g-rcjc","reference_id":"GHSA-g84x-g96g-rcjc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-g84x-g96g-rcjc"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-g84x-g96g-rcjc","reference_id":"GHSA-g84x-g96g-rcjc","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-17T15:01:52Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-g84x-g96g-rcjc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372528?format=json","purl":"pkg:composer/librenms/librenms@24.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.11.0"}],"aliases":["CVE-2025-23201","GHSA-g84x-g96g-rcjc"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nexf-h4db-vkh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174836?format=json","vulnerability_id":"VCID-p7fj-s4ra-rqfe","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3562","reference_id":"","reference_type":"","scores":[{"value":"0.86005","scoring_system":"epss","scoring_elements":"0.9941","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3562"},{"reference_url":"https://github.com/librenms/librenms/commit/43cb72549d90e338f902b359a83c23d3cb5a2645","reference_id":"43cb72549d90e338f902b359a83c23d3cb5a2645","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T18:08:34Z/"}],"url":"https://github.com/librenms/librenms/commit/43cb72549d90e338f902b359a83c23d3cb5a2645"},{"reference_url":"https://huntr.dev/bounties/bb9f76db-1314-44ae-9ccc-2b69679aa657","reference_id":"bb9f76db-1314-44ae-9ccc-2b69679aa657","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T18:08:34Z/"}],"url":"https://huntr.dev/bounties/bb9f76db-1314-44ae-9ccc-2b69679aa657"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3562","reference_id":"CVE-2022-3562","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3562"},{"reference_url":"https://github.com/advisories/GHSA-5h77-4245-pg5p","reference_id":"GHSA-5h77-4245-pg5p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5h77-4245-pg5p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-3562","GHSA-5h77-4245-pg5p"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p7fj-s4ra-rqfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53229?format=json","vulnerability_id":"VCID-py7t-waeg-cfh8","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A SQL injection vulnerability in POST /search/search=packages in LibreNMS prior to version 24.4.0 allows a user with global read privileges to execute SQL commands via the package parameter. With this vulnerability, an attacker can exploit a SQL injection time based vulnerability to extract all data from the database, such as administrator credentials. Version 24.4.0 contains a patch for the vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32461","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35532","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32461"},{"reference_url":"https://doc.clickup.com/9013166444/p/h/8ckm0bc-53/16811991bb5fff6","reference_id":"16811991bb5fff6","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:24:26Z/"}],"url":"https://doc.clickup.com/9013166444/p/h/8ckm0bc-53/16811991bb5fff6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32461","reference_id":"CVE-2024-32461","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32461"},{"reference_url":"https://github.com/librenms/librenms/commit/d29201fce134347f891102699fbde7070debee33","reference_id":"d29201fce134347f891102699fbde7070debee33","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:24:26Z/"}],"url":"https://github.com/librenms/librenms/commit/d29201fce134347f891102699fbde7070debee33"},{"reference_url":"https://github.com/advisories/GHSA-cwx6-cx7x-4q34","reference_id":"GHSA-cwx6-cx7x-4q34","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cwx6-cx7x-4q34"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-cwx6-cx7x-4q34","reference_id":"GHSA-cwx6-cx7x-4q34","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:24:26Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-cwx6-cx7x-4q34"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/30707?format=json","purl":"pkg:composer/librenms/librenms@24.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.4.0"}],"aliases":["CVE-2024-32461","GHSA-cwx6-cx7x-4q34"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-py7t-waeg-cfh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204154?format=json","vulnerability_id":"VCID-qc4w-r2jh-a7hx","summary":"SQL Injection in LibreNMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10671","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00847","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10671"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-multiple-sql-injection-vulnerability-xl-19-025","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-multiple-sql-injection-vulnerability-xl-19-025"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-multiple-sql-injection-vulnerability-xl-19-025/","reference_id":"","reference_type":"","scores":[],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-multiple-sql-injection-vulnerability-xl-19-025/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10671","reference_id":"CVE-2019-10671","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10671"},{"reference_url":"https://github.com/advisories/GHSA-g9xh-3w5g-229r","reference_id":"GHSA-g9xh-3w5g-229r","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g9xh-3w5g-229r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15649?format=json","purl":"pkg:composer/librenms/librenms@1.50.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-wtgu-cr2f-33cb"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.50.1"}],"aliases":["CVE-2019-10671","GHSA-g9xh-3w5g-229r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qc4w-r2jh-a7hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53126?format=json","vulnerability_id":"VCID-r2tp-4cm4-b3b1","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Versions prior to 24.4.0 are vulnerable to SQL injection. The `order` parameter is obtained from `$request`. After performing a string check, the value is directly incorporated into an SQL statement and concatenated, resulting in a SQL injection vulnerability. An attacker may extract a whole database this way. Version 24.4.0 fixes the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32480","reference_id":"","reference_type":"","scores":[{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61442","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32480"},{"reference_url":"https://github.com/librenms/librenms/commit/83fe4b10c440d69a47fe2f8616e290ba2bd3a27c","reference_id":"83fe4b10c440d69a47fe2f8616e290ba2bd3a27c","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:21:00Z/"}],"url":"https://github.com/librenms/librenms/commit/83fe4b10c440d69a47fe2f8616e290ba2bd3a27c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32480","reference_id":"CVE-2024-32480","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-32480"},{"reference_url":"https://github.com/advisories/GHSA-jh57-j3vq-h438","reference_id":"GHSA-jh57-j3vq-h438","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jh57-j3vq-h438"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-jh57-j3vq-h438","reference_id":"GHSA-jh57-j3vq-h438","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-04-23T00:21:00Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-jh57-j3vq-h438"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/30707?format=json","purl":"pkg:composer/librenms/librenms@24.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.4.0"}],"aliases":["CVE-2024-32480","GHSA-jh57-j3vq-h438"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2tp-4cm4-b3b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140294?format=json","vulnerability_id":"VCID-r7fv-dr67-j7ht","summary":"Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4979","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11462","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4979"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4979","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4979"},{"reference_url":"https://github.com/librenms/librenms/commit/49d66fa31b43acef02eaa09ee9af15fe7e16cd03","reference_id":"49d66fa31b43acef02eaa09ee9af15fe7e16cd03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:14Z/"}],"url":"https://github.com/librenms/librenms/commit/49d66fa31b43acef02eaa09ee9af15fe7e16cd03"},{"reference_url":"https://huntr.dev/bounties/e67f8f5d-4048-404f-9b86-cb6b8719b77f","reference_id":"e67f8f5d-4048-404f-9b86-cb6b8719b77f","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:14Z/"}],"url":"https://huntr.dev/bounties/e67f8f5d-4048-404f-9b86-cb6b8719b77f"},{"reference_url":"https://github.com/advisories/GHSA-jp3c-g46v-jg2c","reference_id":"GHSA-jp3c-g46v-jg2c","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jp3c-g46v-jg2c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379627?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4979","GHSA-jp3c-g46v-jg2c"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r7fv-dr67-j7ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91291?format=json","vulnerability_id":"VCID-rfwn-r567-qben","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a boolean-based blind SQL injection vulnerability was identified in the LibreNMS application at the /ajax_output.php endpoint. The hostname parameter is interpolated directly into an SQL query without proper sanitization or parameter binding, allowing an attacker to manipulate the query logic and infer data from the database through conditional responses. This issue has been patched in version 25.11.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65093","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00144","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65093"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-65093","reference_id":"CVE-2025-65093","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-65093"},{"reference_url":"https://github.com/advisories/GHSA-6pmj-xjxp-p8g9","reference_id":"GHSA-6pmj-xjxp-p8g9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6pmj-xjxp-p8g9"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-6pmj-xjxp-p8g9","reference_id":"GHSA-6pmj-xjxp-p8g9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:58:37Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-6pmj-xjxp-p8g9"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/35293?format=json","purl":"pkg:composer/librenms/librenms@25.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.11.0"}],"aliases":["CVE-2025-65093","GHSA-6pmj-xjxp-p8g9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rfwn-r567-qben"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211390?format=json","vulnerability_id":"VCID-s58c-1ss7-jbh1","summary":"LibreNMS stored Cross-site Scripting via Schedule Maintenance `Title` parameter","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3231","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55439","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3231"},{"reference_url":"https://github.com/librenms/librenms/commit/08050020861230ff96a6507b309cc172a9e70af8","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/08050020861230ff96a6507b309cc172a9e70af8"},{"reference_url":"https://github.com/librenms/librenms/pull/14360","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/14360"},{"reference_url":"https://huntr.dev/bounties/bcb6ee68-1452-4fdb-932a-f1031d10984f","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/bcb6ee68-1452-4fdb-932a-f1031d10984f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3231","reference_id":"CVE-2022-3231","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3231"},{"reference_url":"https://github.com/advisories/GHSA-3jh2-wmv7-m932","reference_id":"GHSA-3jh2-wmv7-m932","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3jh2-wmv7-m932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26868?format=json","purl":"pkg:composer/librenms/librenms@22.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-3231","GHSA-3jh2-wmv7-m932"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s58c-1ss7-jbh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208207?format=json","vulnerability_id":"VCID-sm1m-7ca9-vfb4","summary":"Improper Authorization in librenms","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0587","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00058","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0587"},{"reference_url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7"},{"reference_url":"https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0587","reference_id":"CVE-2022-0587","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0587"},{"reference_url":"https://github.com/advisories/GHSA-ppfm-rj6p-38q6","reference_id":"GHSA-ppfm-rj6p-38q6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-ppfm-rj6p-38q6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19365?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0587","GHSA-ppfm-rj6p-38q6"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sm1m-7ca9-vfb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204148?format=json","vulnerability_id":"VCID-sp7z-xykf-e7ce","summary":"Exposure of Sensitive Information to an Unauthorized Actor in LibreNMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10667","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10667"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-information-disclosure-vulnerability-xl-19-018","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-information-disclosure-vulnerability-xl-19-018"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-information-disclosure-vulnerability-xl-19-018/","reference_id":"","reference_type":"","scores":[],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-information-disclosure-vulnerability-xl-19-018/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10667","reference_id":"CVE-2019-10667","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10667"},{"reference_url":"https://github.com/advisories/GHSA-f4hh-xxqh-wgpq","reference_id":"GHSA-f4hh-xxqh-wgpq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f4hh-xxqh-wgpq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15649?format=json","purl":"pkg:composer/librenms/librenms@1.50.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-wtgu-cr2f-33cb"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.50.1"}],"aliases":["CVE-2019-10667","GHSA-f4hh-xxqh-wgpq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sp7z-xykf-e7ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140189?format=json","vulnerability_id":"VCID-srqm-zv16-eubv","summary":"Code Injection in GitHub repository librenms/librenms prior to 23.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4977","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18325","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4977"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4977","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4977"},{"reference_url":"https://github.com/librenms/librenms/commit/1194934d31c795a3f6877a96ffaa34b1f475bdd0","reference_id":"1194934d31c795a3f6877a96ffaa34b1f475bdd0","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:32:02Z/"}],"url":"https://github.com/librenms/librenms/commit/1194934d31c795a3f6877a96ffaa34b1f475bdd0"},{"reference_url":"https://huntr.dev/bounties/3db8a1a4-ca2d-45df-be18-a959ebf82fbc","reference_id":"3db8a1a4-ca2d-45df-be18-a959ebf82fbc","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:32:02Z/"}],"url":"https://huntr.dev/bounties/3db8a1a4-ca2d-45df-be18-a959ebf82fbc"},{"reference_url":"https://github.com/advisories/GHSA-57m2-mpc7-gwgx","reference_id":"GHSA-57m2-mpc7-gwgx","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-57m2-mpc7-gwgx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379627?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4977","GHSA-57m2-mpc7-gwgx"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-srqm-zv16-eubv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102665?format=json","vulnerability_id":"VCID-st22-w6hp-tka9","summary":"LibreNMS  is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts > Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62412","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00028","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62412"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/25.10.0","reference_id":"","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/releases/tag/25.10.0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62412","reference_id":"CVE-2025-62412","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62412"},{"reference_url":"https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f","reference_id":"dccdf6769976a974d70f06a7ce8d5a846b29db6f","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-16T18:25:48Z/"}],"url":"https://github.com/librenms/librenms/commit/dccdf6769976a974d70f06a7ce8d5a846b29db6f"},{"reference_url":"https://github.com/advisories/GHSA-6g2v-66ch-6xmh","reference_id":"GHSA-6g2v-66ch-6xmh","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6g2v-66ch-6xmh"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh","reference_id":"GHSA-6g2v-66ch-6xmh","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-16T18:25:48Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-6g2v-66ch-6xmh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/34532?format=json","purl":"pkg:composer/librenms/librenms@25.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.10.0"}],"aliases":["CVE-2025-62412","GHSA-6g2v-66ch-6xmh"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-st22-w6hp-tka9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38477?format=json","vulnerability_id":"VCID-tdcf-uak3-gfec","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Manage User Access\" page allows authenticated users to inject arbitrary JavaScript through the \"bill_name\" parameter when creating a new bill. This vulnerability can lead to the execution of malicious code when visiting the \"Bill Access\" dropdown in the user's \"Manage Access\" page, potentially compromising user sessions and allowing unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49759","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.68263","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-49759"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49759","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49759"},{"reference_url":"https://github.com/librenms/librenms/commit/237f4d2e818170171dfad6efad36a275cd2ba8d0","reference_id":"237f4d2e818170171dfad6efad36a275cd2ba8d0","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:52:28Z/"}],"url":"https://github.com/librenms/librenms/commit/237f4d2e818170171dfad6efad36a275cd2ba8d0"},{"reference_url":"https://github.com/advisories/GHSA-888j-pjqh-fx58","reference_id":"GHSA-888j-pjqh-fx58","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-888j-pjqh-fx58"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-888j-pjqh-fx58","reference_id":"GHSA-888j-pjqh-fx58","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:52:28Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-888j-pjqh-fx58"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-49759","GHSA-888j-pjqh-fx58"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tdcf-uak3-gfec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/169168?format=json","vulnerability_id":"VCID-tj46-drf4-q7hy","summary":"Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4070","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00139","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4070"},{"reference_url":"https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775","reference_id":"72d426bb-b56e-4534-88ba-0d11381b0775","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T18:14:00Z/"}],"url":"https://huntr.dev/bounties/72d426bb-b56e-4534-88ba-0d11381b0775"},{"reference_url":"https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc","reference_id":"ce8e5f3d056829bfa7a845f9dc2757e21e419ddc","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T18:14:00Z/"}],"url":"https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4070","reference_id":"CVE-2022-4070","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4070"},{"reference_url":"https://github.com/advisories/GHSA-x93j-3hh3-6x23","reference_id":"GHSA-x93j-3hh3-6x23","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x93j-3hh3-6x23"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-4070","GHSA-x93j-3hh3-6x23"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tj46-drf4-q7hy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56881?format=json","vulnerability_id":"VCID-tq42-r5ny-nbfu","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Services\" section of the Device Overview page allows authenticated users to inject arbitrary JavaScript through the \"name\" parameter when adding a service to a device. This vulnerability could result in the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50352","reference_id":"","reference_type":"","scores":[{"value":"0.11787","scoring_system":"epss","scoring_elements":"0.9387","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50352"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50352","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50352"},{"reference_url":"https://github.com/librenms/librenms/commit/b4af778ca42c5839801f16ece53505bb7fa1e7bc","reference_id":"b4af778ca42c5839801f16ece53505bb7fa1e7bc","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:11:34Z/"}],"url":"https://github.com/librenms/librenms/commit/b4af778ca42c5839801f16ece53505bb7fa1e7bc"},{"reference_url":"https://github.com/advisories/GHSA-qr8f-5qqg-j3wg","reference_id":"GHSA-qr8f-5qqg-j3wg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qr8f-5qqg-j3wg"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-qr8f-5qqg-j3wg","reference_id":"GHSA-qr8f-5qqg-j3wg","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:11:34Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-qr8f-5qqg-j3wg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-50352","GHSA-qr8f-5qqg-j3wg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tq42-r5ny-nbfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139952?format=json","vulnerability_id":"VCID-tube-fx1x-cka6","summary":"Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4347","reference_id":"","reference_type":"","scores":[{"value":"0.77441","scoring_system":"epss","scoring_elements":"0.99006","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4347"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4347","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4347"},{"reference_url":"https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f","reference_id":"1f78c6e1-2923-46c5-9376-4cc5a8f1152f","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:39:38Z/"}],"url":"https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f"},{"reference_url":"https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824","reference_id":"91c57a1ee54631e071b6b0c952d99c8ee892e824","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:39:38Z/"}],"url":"https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824"},{"reference_url":"https://github.com/advisories/GHSA-m6pf-cm3f-7876","reference_id":"GHSA-m6pf-cm3f-7876","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m6pf-cm3f-7876"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/380662?format=json","purl":"pkg:composer/librenms/librenms@23.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4347","GHSA-m6pf-cm3f-7876"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tube-fx1x-cka6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/35290?format=json","vulnerability_id":"VCID-u5dh-nt5q-4kh2","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Custom OID\" tab of a device allows authenticated users to inject arbitrary JavaScript through the \"unit\" parameter when creating a new OID. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51497","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-51497"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51497","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-51497"},{"reference_url":"https://github.com/librenms/librenms/commit/42b156e42a3811c23758772ce8c63d4d3eaba59b","reference_id":"42b156e42a3811c23758772ce8c63d4d3eaba59b","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T17:16:10Z/"}],"url":"https://github.com/librenms/librenms/commit/42b156e42a3811c23758772ce8c63d4d3eaba59b"},{"reference_url":"https://github.com/advisories/GHSA-gv4m-f6fx-859x","reference_id":"GHSA-gv4m-f6fx-859x","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gv4m-f6fx-859x"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-gv4m-f6fx-859x","reference_id":"GHSA-gv4m-f6fx-859x","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T17:16:10Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-gv4m-f6fx-859x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-51497","GHSA-gv4m-f6fx-859x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u5dh-nt5q-4kh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/169151?format=json","vulnerability_id":"VCID-upyd-sq4n-hycq","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4067","reference_id":"","reference_type":"","scores":[{"value":"0.85276","scoring_system":"epss","scoring_elements":"0.9938","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4067"},{"reference_url":"https://huntr.dev/bounties/3ca7023e-d95c-423f-9e9a-222a67a8ee72","reference_id":"3ca7023e-d95c-423f-9e9a-222a67a8ee72","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:56:31Z/"}],"url":"https://huntr.dev/bounties/3ca7023e-d95c-423f-9e9a-222a67a8ee72"},{"reference_url":"https://github.com/librenms/librenms/commit/8e85698aa3aa4884c2f3d6c987542477eb64f07c","reference_id":"8e85698aa3aa4884c2f3d6c987542477eb64f07c","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:56:31Z/"}],"url":"https://github.com/librenms/librenms/commit/8e85698aa3aa4884c2f3d6c987542477eb64f07c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4067","reference_id":"CVE-2022-4067","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4067"},{"reference_url":"https://github.com/advisories/GHSA-qch4-jmf8-xvp7","reference_id":"GHSA-qch4-jmf8-xvp7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qch4-jmf8-xvp7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-4067","GHSA-qch4-jmf8-xvp7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-upyd-sq4n-hycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91175?format=json","vulnerability_id":"VCID-uwnc-rpz9-7be2","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Prior to version 25.11.0, a weak password policy vulnerability was identified in the user management functionality of the LibreNMS application. This vulnerability allows administrators to create accounts with extremely weak and predictable passwords, such as 12345678. This exposes the platform to brute-force and credential stuffing attacks. This issue has been patched in version 25.11.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65014","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00024","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-65014"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-65014","reference_id":"CVE-2025-65014","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-65014"},{"reference_url":"https://github.com/advisories/GHSA-5mrf-j8v6-f45g","reference_id":"GHSA-5mrf-j8v6-f45g","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5mrf-j8v6-f45g"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-5mrf-j8v6-f45g","reference_id":"GHSA-5mrf-j8v6-f45g","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T14:53:12Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-5mrf-j8v6-f45g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/35293?format=json","purl":"pkg:composer/librenms/librenms@25.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.11.0"}],"aliases":["CVE-2025-65014","GHSA-5mrf-j8v6-f45g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uwnc-rpz9-7be2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152598?format=json","vulnerability_id":"VCID-veyg-29sb-x7cs","summary":"LibreNMS 1.46 contains an authenticated SQL injection vulnerability in the MAC accounting graph endpoint that allows remote attackers to extract database information. Attackers can exploit the vulnerability by manipulating the 'sort' parameter with crafted SQL injection techniques to retrieve sensitive database contents through time-based blind SQL injection.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36947","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02976","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36947"},{"reference_url":"https://community.librenms.org","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://community.librenms.org"},{"reference_url":"https://www.exploit-db.com/exploits/49246","reference_id":"49246","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T21:08:15Z/"}],"url":"https://www.exploit-db.com/exploits/49246"},{"reference_url":"https://community.librenms.org/","reference_id":"community.librenms.org","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T21:08:15Z/"}],"url":"https://community.librenms.org/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36947","reference_id":"CVE-2020-36947","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36947"},{"reference_url":"https://github.com/advisories/GHSA-qp2j-v5jg-hg68","reference_id":"GHSA-qp2j-v5jg-hg68","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qp2j-v5jg-hg68"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"librenms","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T21:08:15Z/"}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://www.vulncheck.com/advisories/librenms-mac-accounting-graph-authenticated-sql-injection","reference_id":"librenms-mac-accounting-graph-authenticated-sql-injection","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T21:08:15Z/"}],"url":"https://www.vulncheck.com/advisories/librenms-mac-accounting-graph-authenticated-sql-injection"},{"reference_url":"https://www.librenms.org","reference_id":"www.librenms.org","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T21:08:15Z/"}],"url":"https://www.librenms.org"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/437964?format=json","purl":"pkg:composer/librenms/librenms@1.47","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-5qc1-g4x7-n3fp"},{"vulnerability":"VCID-61va-qddt-rbf2"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cewc-v19g-yqf6"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-qc4w-r2jh-a7hx"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-sp7z-xykf-e7ce"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.47"}],"aliases":["CVE-2020-36947","GHSA-qp2j-v5jg-hg68"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-veyg-29sb-x7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208208?format=json","vulnerability_id":"VCID-vhry-3hqm-bbaz","summary":"Improper Access Control in librenms","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0580","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00032","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0580"},{"reference_url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7"},{"reference_url":"https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0580","reference_id":"CVE-2022-0580","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0580"},{"reference_url":"https://github.com/advisories/GHSA-33wf-4crm-2322","reference_id":"GHSA-33wf-4crm-2322","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-33wf-4crm-2322"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19365?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0580","GHSA-33wf-4crm-2322"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vhry-3hqm-bbaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/119572?format=json","vulnerability_id":"VCID-vqdk-y6g3-gugt","summary":"LibreNMS is PHP/MySQL/SNMP based network monitoring software. LibreNMS v25.4.0 and prior suffers from a Stored Cross-Site Scripting (XSS) Vulnerability in the `group name` parameter of the `http://localhost/poller/groups` form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. LibreNMS v25.5.0 contains a patch for the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47931","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00421","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47931"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47931","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47931"},{"reference_url":"https://github.com/librenms/librenms/pull/17603","reference_id":"17603","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-19T20:17:23Z/"}],"url":"https://github.com/librenms/librenms/pull/17603"},{"reference_url":"https://github.com/librenms/librenms/commit/88fe1a7abdb500d9a2d4c45f9872df54c9ff8062","reference_id":"88fe1a7abdb500d9a2d4c45f9872df54c9ff8062","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-19T20:17:23Z/"}],"url":"https://github.com/librenms/librenms/commit/88fe1a7abdb500d9a2d4c45f9872df54c9ff8062"},{"reference_url":"https://github.com/librenms/librenms/blob/25.4.0/includes/html/pages/addhost.inc.php#L284","reference_id":"addhost.inc.php#L284","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-19T20:17:23Z/"}],"url":"https://github.com/librenms/librenms/blob/25.4.0/includes/html/pages/addhost.inc.php#L284"},{"reference_url":"https://github.com/advisories/GHSA-hxw5-9cc5-cmw5","reference_id":"GHSA-hxw5-9cc5-cmw5","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hxw5-9cc5-cmw5"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-hxw5-9cc5-cmw5","reference_id":"GHSA-hxw5-9cc5-cmw5","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-19T20:17:23Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-hxw5-9cc5-cmw5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379007?format=json","purl":"pkg:composer/librenms/librenms@25.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.5.0"}],"aliases":["CVE-2025-47931","GHSA-hxw5-9cc5-cmw5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqdk-y6g3-gugt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140068?format=json","vulnerability_id":"VCID-w5bg-g2j5-7qh2","summary":"Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4980","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11462","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4980"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4980","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4980"},{"reference_url":"https://huntr.dev/bounties/470b9b13-b7fe-4b3f-a186-fdc5dc193976","reference_id":"470b9b13-b7fe-4b3f-a186-fdc5dc193976","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:54Z/"}],"url":"https://huntr.dev/bounties/470b9b13-b7fe-4b3f-a186-fdc5dc193976"},{"reference_url":"https://github.com/librenms/librenms/commit/cfd642be6a1e988453bd63069d17db3664e7de97","reference_id":"cfd642be6a1e988453bd63069d17db3664e7de97","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:54Z/"}],"url":"https://github.com/librenms/librenms/commit/cfd642be6a1e988453bd63069d17db3664e7de97"},{"reference_url":"https://github.com/advisories/GHSA-qxrq-376q-p39h","reference_id":"GHSA-qxrq-376q-p39h","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qxrq-376q-p39h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379627?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4980","GHSA-qxrq-376q-p39h"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w5bg-g2j5-7qh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91811?format=json","vulnerability_id":"VCID-wkpv-dkbj-6ybd","summary":"librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameter: `/ajax_form.php` -> param: descr. Librenms version up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with the page displaying the data, the malicious script executes immediately, leading to potential unauthorized actions or data exposure. This issue has been addressed in release version 24.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23199","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48398","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-23199"},{"reference_url":"https://github.com/librenms/librenms/commit/9d07d166b87634091dcf21c62b28f9b42a3118c4","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/9d07d166b87634091dcf21c62b28f9b42a3118c4"},{"reference_url":"https://github.com/librenms/librenms/pull/16721","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/16721"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23199","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-23199"},{"reference_url":"https://github.com/advisories/GHSA-27vf-3g4f-6jp7","reference_id":"GHSA-27vf-3g4f-6jp7","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-27vf-3g4f-6jp7"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-27vf-3g4f-6jp7","reference_id":"GHSA-27vf-3g4f-6jp7","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-17T14:56:42Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-27vf-3g4f-6jp7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372528?format=json","purl":"pkg:composer/librenms/librenms@24.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.11.0"}],"aliases":["CVE-2025-23199","GHSA-27vf-3g4f-6jp7"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkpv-dkbj-6ybd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139914?format=json","vulnerability_id":"VCID-wq47-3ncm-7kfn","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4982","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00312","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4982"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4982","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4982"},{"reference_url":"https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769","reference_id":"2c5960631c49f7414f61b6d4dcd305b07da05769","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:05Z/"}],"url":"https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769"},{"reference_url":"https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e","reference_id":"d3c2dd8a-883c-400e-a1a7-326c3fd37b9e","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:05Z/"}],"url":"https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e"},{"reference_url":"https://github.com/advisories/GHSA-m6jj-fgmh-3p8r","reference_id":"GHSA-m6jj-fgmh-3p8r","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-m6jj-fgmh-3p8r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379627?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4982","GHSA-m6jj-fgmh-3p8r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wq47-3ncm-7kfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43383?format=json","vulnerability_id":"VCID-x61k-4513-hqew","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Services\" tab of the Device page allows authenticated users to inject arbitrary JavaScript through the \"descr\" parameter when adding a service to a device. This vulnerability could result in the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and enabling unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-52526","reference_id":"","reference_type":"","scores":[{"value":"0.01189","scoring_system":"epss","scoring_elements":"0.79231","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-52526"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52526","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-52526"},{"reference_url":"https://github.com/librenms/librenms/commit/30e522c29bbb1f9b72951025e7049a26c7e1d76e","reference_id":"30e522c29bbb1f9b72951025e7049a26c7e1d76e","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:38:05Z/"}],"url":"https://github.com/librenms/librenms/commit/30e522c29bbb1f9b72951025e7049a26c7e1d76e"},{"reference_url":"https://github.com/advisories/GHSA-8fh4-942r-jf2g","reference_id":"GHSA-8fh4-942r-jf2g","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8fh4-942r-jf2g"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-8fh4-942r-jf2g","reference_id":"GHSA-8fh4-942r-jf2g","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:38:05Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-8fh4-942r-jf2g"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-52526","GHSA-8fh4-942r-jf2g"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x61k-4513-hqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70863?format=json","vulnerability_id":"VCID-x6na-j6w4-n7aj","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. In versions 26.1.1 and below, the port group name is not sanitized, allowing attackers with admin privileges to perform Stored Cross-Site Scripting (XSS) attacks. When a user adds a port group, an HTTP POST request is sent to the Request-URI \"/port-groups\". The name of the newly created port group is stored in the value of the name parameter. After the port group is created, the entry is displayed along with relevant buttons such as Edit and Delete. This issue has been fixed in version 26.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26992","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00194","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26992"},{"reference_url":"https://github.com/librenms/librenms/pull/19042","reference_id":"19042","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:52:54Z/"}],"url":"https://github.com/librenms/librenms/pull/19042"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/26.2.0","reference_id":"26.2.0","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:52:54Z/"}],"url":"https://github.com/librenms/librenms/releases/tag/26.2.0"},{"reference_url":"https://github.com/librenms/librenms/commit/882fe6f90ea504a3732f83caf89bba7850a5699f","reference_id":"882fe6f90ea504a3732f83caf89bba7850a5699f","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:52:54Z/"}],"url":"https://github.com/librenms/librenms/commit/882fe6f90ea504a3732f83caf89bba7850a5699f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26992","reference_id":"CVE-2026-26992","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26992"},{"reference_url":"https://github.com/advisories/GHSA-93fx-g747-695x","reference_id":"GHSA-93fx-g747-695x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-93fx-g747-695x"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-93fx-g747-695x","reference_id":"GHSA-93fx-g747-695x","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-20T15:52:54Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-93fx-g747-695x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39372?format=json","purl":"pkg:composer/librenms/librenms@26.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-mb8k-971z-myd1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@26.2.0"}],"aliases":["CVE-2026-26992","GHSA-93fx-g747-695x"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6na-j6w4-n7aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70869?format=json","vulnerability_id":"VCID-x8rp-7y5r-v3eg","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below have a Time-Based Blind SQL Injection vulnerability in address-search.inc.php via the address parameter. When a crafted subnet prefix is supplied, the prefix value is concatenated directly into an SQL query without proper parameter binding, allowing an attacker to manipulate query logic and infer database information through time-based conditional responses. This vulnerability requires authentication and is exploitable by any authenticated user. This issue has been fixedd in version 26.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26990","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00131","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-26990"},{"reference_url":"https://github.com/librenms/librenms/commit/15429580baba03ed1dd377bada1bde4b7a1175a1","reference_id":"15429580baba03ed1dd377bada1bde4b7a1175a1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:29:14Z/"}],"url":"https://github.com/librenms/librenms/commit/15429580baba03ed1dd377bada1bde4b7a1175a1"},{"reference_url":"https://github.com/librenms/librenms/pull/18777","reference_id":"18777","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:29:14Z/"}],"url":"https://github.com/librenms/librenms/pull/18777"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26990","reference_id":"CVE-2026-26990","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26990"},{"reference_url":"https://github.com/advisories/GHSA-79q9-wc6p-cf92","reference_id":"GHSA-79q9-wc6p-cf92","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-79q9-wc6p-cf92"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-79q9-wc6p-cf92","reference_id":"GHSA-79q9-wc6p-cf92","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T15:29:14Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-79q9-wc6p-cf92"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39372?format=json","purl":"pkg:composer/librenms/librenms@26.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-mb8k-971z-myd1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@26.2.0"}],"aliases":["CVE-2026-26990","GHSA-79q9-wc6p-cf92"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x8rp-7y5r-v3eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174603?format=json","vulnerability_id":"VCID-xf97-1u9d-mbhx","summary":"Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3561","reference_id":"","reference_type":"","scores":[{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64875","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3561"},{"reference_url":"https://huntr.com/bounties/7389e6eb-4bce-4b97-999d-d3b70d8cee34","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.com/bounties/7389e6eb-4bce-4b97-999d-d3b70d8cee34"},{"reference_url":"https://huntr.dev/bounties/7389e6eb-4bce-4b97-999d-d3b70d8cee34","reference_id":"7389e6eb-4bce-4b97-999d-d3b70d8cee34","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T19:59:59Z/"}],"url":"https://huntr.dev/bounties/7389e6eb-4bce-4b97-999d-d3b70d8cee34"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3561","reference_id":"CVE-2022-3561","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3561"},{"reference_url":"https://github.com/librenms/librenms/commit/d86cbcd96d684e4de8dfa50b4490e4e02782d242","reference_id":"d86cbcd96d684e4de8dfa50b4490e4e02782d242","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T19:59:59Z/"}],"url":"https://github.com/librenms/librenms/commit/d86cbcd96d684e4de8dfa50b4490e4e02782d242"},{"reference_url":"https://github.com/advisories/GHSA-264w-gw9g-fhgj","reference_id":"GHSA-264w-gw9g-fhgj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-264w-gw9g-fhgj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27935?format=json","purl":"pkg:composer/librenms/librenms@22.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.10.0"}],"aliases":["CVE-2022-3561","GHSA-264w-gw9g-fhgj"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xf97-1u9d-mbhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204151?format=json","vulnerability_id":"VCID-y1p7-5z78-xkc2","summary":"Path Traversal in LibreNMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12464","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0071","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12464"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-limited-local-file-inclusion-via-directory-traversal-vulnerability-xl-19-019","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-limited-local-file-inclusion-via-directory-traversal-vulnerability-xl-19-019"},{"reference_url":"https://www.darkmatter.ae/xen1thlabs/librenms-limited-local-file-inclusion-via-directory-traversal-vulnerability-xl-19-019/","reference_id":"","reference_type":"","scores":[],"url":"https://www.darkmatter.ae/xen1thlabs/librenms-limited-local-file-inclusion-via-directory-traversal-vulnerability-xl-19-019/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12464","reference_id":"CVE-2019-12464","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12464"},{"reference_url":"https://github.com/advisories/GHSA-r336-jxfr-4c3c","reference_id":"GHSA-r336-jxfr-4c3c","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r336-jxfr-4c3c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/15650?format=json","purl":"pkg:composer/librenms/librenms@1.53.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.53.0"},{"url":"http://public2.vulnerablecode.io/api/packages/448361?format=json","purl":"pkg:composer/librenms/librenms@1.53","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.53"}],"aliases":["CVE-2019-12464","GHSA-r336-jxfr-4c3c"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1p7-5z78-xkc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208156?format=json","vulnerability_id":"VCID-y22w-mxrw-sbh1","summary":"Cross-site Scripting in librenms","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0576","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00328","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0576"},{"reference_url":"https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd"},{"reference_url":"https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0576","reference_id":"CVE-2022-0576","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0576"},{"reference_url":"https://github.com/advisories/GHSA-rp34-85x3-3764","reference_id":"GHSA-rp34-85x3-3764","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rp34-85x3-3764"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19367?format=json","purl":"pkg:composer/librenms/librenms@22.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/19365?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0576","GHSA-rp34-85x3-3764"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y22w-mxrw-sbh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57650?format=json","vulnerability_id":"VCID-ykxk-6j99-hqd2","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting (XSS) can be achieved by uploading a new Background for a Custom Map. Users with \"admin\" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload which will trigger on load. This led to Stored Cross-Site Scripting (XSS). The vulnerability is fixed in 24.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47528","reference_id":"","reference_type":"","scores":[{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61488","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47528"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47528","reference_id":"CVE-2024-47528","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"1.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47528"},{"reference_url":"https://github.com/librenms/librenms/commit/d959bf1b366319eda16e3cd6dfda8a22beb203be","reference_id":"d959bf1b366319eda16e3cd6dfda8a22beb203be","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"1.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:07:21Z/"}],"url":"https://github.com/librenms/librenms/commit/d959bf1b366319eda16e3cd6dfda8a22beb203be"},{"reference_url":"https://github.com/advisories/GHSA-x8gm-j36p-fppf","reference_id":"GHSA-x8gm-j36p-fppf","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x8gm-j36p-fppf"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-x8gm-j36p-fppf","reference_id":"GHSA-x8gm-j36p-fppf","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"1.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P"},{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:07:21Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-x8gm-j36p-fppf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33584?format=json","purl":"pkg:composer/librenms/librenms@24.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-zhac-9svg-4fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.9.0"}],"aliases":["CVE-2024-47528","GHSA-x8gm-j36p-fppf"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykxk-6j99-hqd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/302732?format=json","vulnerability_id":"VCID-zbz2-hwqc-6ye4","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18478","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06525","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18478"},{"reference_url":"https://github.com/librenms/librenms/issues/9170","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/issues/9170"},{"reference_url":"https://github.com/librenms/librenms/pull/9171","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/9171"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/1.44","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/releases/tag/1.44"},{"reference_url":"https://hackpuntes.com/cve-2018-18478-libre-nms-1-43-cross-site-scripting-persistente","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackpuntes.com/cve-2018-18478-libre-nms-1-43-cross-site-scripting-persistente"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18478","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-18478"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386494?format=json","purl":"pkg:composer/librenms/librenms@1.44.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.44.0"},{"url":"http://public2.vulnerablecode.io/api/packages/432650?format=json","purl":"pkg:composer/librenms/librenms@1.44","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-1bhu-qkzp-tqas"},{"vulnerability":"VCID-2dax-4ghn-mffp"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-3qv3-74t6-6fhs"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-5qc1-g4x7-n3fp"},{"vulnerability":"VCID-61va-qddt-rbf2"},{"vulnerability":"VCID-656h-mks2-6yaw"},{"vulnerability":"VCID-8333-p936-4yen"},{"vulnerability":"VCID-8xsz-9mtq-w7ct"},{"vulnerability":"VCID-8ytn-qf7f-yfbf"},{"vulnerability":"VCID-91gw-qj5p-y3ed"},{"vulnerability":"VCID-92gm-nsf8-d7dt"},{"vulnerability":"VCID-98wd-pvht-nqfu"},{"vulnerability":"VCID-9zy9-ue2n-87b4"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-bgm3-4nkb-c3bs"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cewc-v19g-yqf6"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dku9-fked-fueu"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-ek4h-m8w9-t7bp"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-gzvy-qsmz-a7ca"},{"vulnerability":"VCID-hhhz-1bd6-3bfy"},{"vulnerability":"VCID-j176-ekvg-3ufv"},{"vulnerability":"VCID-ja3k-pqg6-cuct"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3tp-p2ay-5bf3"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kj8w-8fft-m3em"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-kujx-pwg2-9kfx"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-p7fj-s4ra-rqfe"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-qc4w-r2jh-a7hx"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-r7fv-dr67-j7ht"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-s58c-1ss7-jbh1"},{"vulnerability":"VCID-sm1m-7ca9-vfb4"},{"vulnerability":"VCID-sp7z-xykf-e7ce"},{"vulnerability":"VCID-srqm-zv16-eubv"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tj46-drf4-q7hy"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-tube-fx1x-cka6"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-upyd-sq4n-hycq"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-veyg-29sb-x7cs"},{"vulnerability":"VCID-vhry-3hqm-bbaz"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-w5bg-g2j5-7qh2"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-wq47-3ncm-7kfn"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-xf97-1u9d-mbhx"},{"vulnerability":"VCID-y1p7-5z78-xkc2"},{"vulnerability":"VCID-y22w-mxrw-sbh1"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"},{"vulnerability":"VCID-zz5d-y7ak-zbdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.44"}],"aliases":["CVE-2018-18478","GHSA-9m82-f3wx-p625"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zbz2-hwqc-6ye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56949?format=json","vulnerability_id":"VCID-zhac-9svg-4fb3","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Port Settings\" page allows authenticated users to inject arbitrary JavaScript through the \"name\" parameter when creating a new Port Group. This vulnerability results in the execution of malicious code when the \"Port Settings\" page is visited after the affected Port Group is added to a device, potentially compromising user sessions and allowing unauthorized actions. This vulnerability is fixed in 24.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50350","reference_id":"","reference_type":"","scores":[{"value":"0.00936","scoring_system":"epss","scoring_elements":"0.76625","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50350"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50350","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50350"},{"reference_url":"https://github.com/librenms/librenms/commit/82a744bfe29017b8b58b5752ab9e1b335bedf0a0","reference_id":"82a744bfe29017b8b58b5752ab9e1b335bedf0a0","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:45:19Z/"}],"url":"https://github.com/librenms/librenms/commit/82a744bfe29017b8b58b5752ab9e1b335bedf0a0"},{"reference_url":"https://github.com/advisories/GHSA-xh4g-c9p6-5jxg","reference_id":"GHSA-xh4g-c9p6-5jxg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xh4g-c9p6-5jxg"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-xh4g-c9p6-5jxg","reference_id":"GHSA-xh4g-c9p6-5jxg","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:45:19Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-xh4g-c9p6-5jxg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39373?format=json","purl":"pkg:composer/librenms/librenms@24.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-adhj-ruja-n7gb"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.10.0"}],"aliases":["CVE-2024-50350","GHSA-xh4g-c9p6-5jxg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhac-9svg-4fb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57663?format=json","vulnerability_id":"VCID-zwya-b48n-tfcg","summary":"LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Device Dependencies\" feature allows authenticated users to inject arbitrary JavaScript through the device name (\"hostname\" parameter). This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions. This vulnerability is fixed in 24.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47527","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59881","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-47527"},{"reference_url":"https://github.com/librenms/librenms/blob/9455173edce6971777cf6666d540eeeaf6201920/includes/html/pages/device-dependencies.inc.php#L74","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/blob/9455173edce6971777cf6666d540eeeaf6201920/includes/html/pages/device-dependencies.inc.php#L74"},{"reference_url":"https://github.com/librenms/librenms/commit/36b38a50cc10d4ed16caab92bdc18ed6abac9685","reference_id":"36b38a50cc10d4ed16caab92bdc18ed6abac9685","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-01T20:34:28Z/"}],"url":"https://github.com/librenms/librenms/commit/36b38a50cc10d4ed16caab92bdc18ed6abac9685"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47527","reference_id":"CVE-2024-47527","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47527"},{"reference_url":"https://github.com/advisories/GHSA-rwwc-2v8q-gc9v","reference_id":"GHSA-rwwc-2v8q-gc9v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rwwc-2v8q-gc9v"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-rwwc-2v8q-gc9v","reference_id":"GHSA-rwwc-2v8q-gc9v","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-01T20:34:28Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-rwwc-2v8q-gc9v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/33584?format=json","purl":"pkg:composer/librenms/librenms@24.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-e4k8-c86a-ekda"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-q132-6t8v-33h4"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-zhac-9svg-4fb3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@24.9.0"}],"aliases":["CVE-2024-47527","GHSA-rwwc-2v8q-gc9v"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwya-b48n-tfcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/146392?format=json","vulnerability_id":"VCID-zz5d-y7ak-zbdm","summary":"LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been addressed in commit `faf66035ea` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48295","reference_id":"","reference_type":"","scores":[{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.4506","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48295"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48295","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48295"},{"reference_url":"https://github.com/librenms/librenms/blob/63eeeb71722237d1461a37bb6da99fda25e02c91/app/Http/Controllers/DeviceGroupController.php#L173C21-L173C21","reference_id":"DeviceGroupController.php#L173C21-L173C21","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-10T15:46:31Z/"}],"url":"https://github.com/librenms/librenms/blob/63eeeb71722237d1461a37bb6da99fda25e02c91/app/Http/Controllers/DeviceGroupController.php#L173C21-L173C21"},{"reference_url":"https://github.com/librenms/librenms/commit/faf66035ea1f4c1c4f34559b9d0ed40ee4a19f90","reference_id":"faf66035ea1f4c1c4f34559b9d0ed40ee4a19f90","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-10T15:46:31Z/"}],"url":"https://github.com/librenms/librenms/commit/faf66035ea1f4c1c4f34559b9d0ed40ee4a19f90"},{"reference_url":"https://github.com/advisories/GHSA-8phr-637g-pxrg","reference_id":"GHSA-8phr-637g-pxrg","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8phr-637g-pxrg"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-8phr-637g-pxrg","reference_id":"GHSA-8phr-637g-pxrg","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-10T15:46:31Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-8phr-637g-pxrg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381058?format=json","purl":"pkg:composer/librenms/librenms@23.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-18g9-2u9c-nbez"},{"vulnerability":"VCID-2gun-mcx6-akcy"},{"vulnerability":"VCID-2zej-x5n6-cqbf"},{"vulnerability":"VCID-3faw-j7vn-hfaz"},{"vulnerability":"VCID-4syp-nckb-9fbw"},{"vulnerability":"VCID-5999-8pth-d7ba"},{"vulnerability":"VCID-5ehc-2e2v-wkgb"},{"vulnerability":"VCID-7eqy-4u3h-5fa5"},{"vulnerability":"VCID-ae82-tsr6-c3cw"},{"vulnerability":"VCID-byb9-nnem-5bdu"},{"vulnerability":"VCID-c5qg-fsdx-w7eg"},{"vulnerability":"VCID-cc1u-4ca7-v7he"},{"vulnerability":"VCID-cmqg-e3da-r7cf"},{"vulnerability":"VCID-cntm-etf9-kkbv"},{"vulnerability":"VCID-dgdu-jnbz-2qbe"},{"vulnerability":"VCID-dmsz-ct8c-zuf9"},{"vulnerability":"VCID-eq4t-1cwx-zfh5"},{"vulnerability":"VCID-eyv3-xp88-t7en"},{"vulnerability":"VCID-g8zs-nkxb-hyc4"},{"vulnerability":"VCID-gnfs-vu51-cbda"},{"vulnerability":"VCID-gppp-bfnm-7ba6"},{"vulnerability":"VCID-js2a-whr7-dufs"},{"vulnerability":"VCID-k3xn-xjwb-a3en"},{"vulnerability":"VCID-k5z7-q82d-tue6"},{"vulnerability":"VCID-kmqh-r237-a7gu"},{"vulnerability":"VCID-mb8k-971z-myd1"},{"vulnerability":"VCID-mj4h-397a-nqbz"},{"vulnerability":"VCID-nexf-h4db-vkh5"},{"vulnerability":"VCID-py7t-waeg-cfh8"},{"vulnerability":"VCID-r2tp-4cm4-b3b1"},{"vulnerability":"VCID-rfwn-r567-qben"},{"vulnerability":"VCID-st22-w6hp-tka9"},{"vulnerability":"VCID-tdcf-uak3-gfec"},{"vulnerability":"VCID-tq42-r5ny-nbfu"},{"vulnerability":"VCID-u5dh-nt5q-4kh2"},{"vulnerability":"VCID-uwnc-rpz9-7be2"},{"vulnerability":"VCID-vqdk-y6g3-gugt"},{"vulnerability":"VCID-wkpv-dkbj-6ybd"},{"vulnerability":"VCID-x61k-4513-hqew"},{"vulnerability":"VCID-x6na-j6w4-n7aj"},{"vulnerability":"VCID-x8rp-7y5r-v3eg"},{"vulnerability":"VCID-ykxk-6j99-hqd2"},{"vulnerability":"VCID-zhac-9svg-4fb3"},{"vulnerability":"VCID-zwya-b48n-tfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/520342?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-48295","GHSA-8phr-637g-pxrg"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zz5d-y7ak-zbdm"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@1.19"}