{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","type":"composer","namespace":"librenms","name":"librenms","version":"201609","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42405?format=json","vulnerability_id":"VCID-1q9d-aqn7-67ad","summary":"Improper Authorization\nImproper authorization handling was found in librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0587","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00058","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0587"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7"},{"reference_url":"https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0587","reference_id":"CVE-2022-0587","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0587"},{"reference_url":"https://github.com/advisories/GHSA-ppfm-rj6p-38q6","reference_id":"GHSA-ppfm-rj6p-38q6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-ppfm-rj6p-38q6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60660?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-kn2w-mmss-s7hu"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0587","GHSA-ppfm-rj6p-38q6"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1q9d-aqn7-67ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45846?format=json","vulnerability_id":"VCID-2ccw-938t-yyaj","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4347","reference_id":"","reference_type":"","scores":[{"value":"0.77327","scoring_system":"epss","scoring_elements":"0.98999","published_at":"2026-06-07T12:55:00Z"},{"value":"0.77327","scoring_system":"epss","scoring_elements":"0.99","published_at":"2026-06-06T12:55:00Z"},{"value":"0.77327","scoring_system":"epss","scoring_elements":"0.98998","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4347"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:39:38Z/"}],"url":"https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824"},{"reference_url":"https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T13:39:38Z/"}],"url":"https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4347","reference_id":"CVE-2023-4347","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4347"},{"reference_url":"https://github.com/advisories/GHSA-m6pf-cm3f-7876","reference_id":"GHSA-m6pf-cm3f-7876","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m6pf-cm3f-7876"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66567?format=json","purl":"pkg:composer/librenms/librenms@23.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4347","GHSA-m6pf-cm3f-7876"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ccw-938t-yyaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42397?format=json","vulnerability_id":"VCID-64kz-hnxr-vud5","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) was found in librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0576","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00336","published_at":"2026-06-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0033","published_at":"2026-06-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00332","published_at":"2026-06-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00338","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0576"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd"},{"reference_url":"https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0576","reference_id":"CVE-2022-0576","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0576"},{"reference_url":"https://github.com/advisories/GHSA-rp34-85x3-3764","reference_id":"GHSA-rp34-85x3-3764","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rp34-85x3-3764"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60669?format=json","purl":"pkg:composer/librenms/librenms@22.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-1q9d-aqn7-67ad"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-64kz-hnxr-vud5"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-76bn-2u1y-kqf2"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-kn2w-mmss-s7hu"},{"vulnerability":"VCID-m1hm-kqrc-3kbj"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-wkt4-vdr8-mkgk"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/60660?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-kn2w-mmss-s7hu"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0576","GHSA-rp34-85x3-3764"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-64kz-hnxr-vud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46431?format=json","vulnerability_id":"VCID-6cy6-6ss3-tqaz","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nLibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been addressed in commit `faf66035ea` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48295","reference_id":"","reference_type":"","scores":[{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45023","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45007","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44994","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45044","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45039","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48295"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/blob/63eeeb71722237d1461a37bb6da99fda25e02c91/app/Http/Controllers/DeviceGroupController.php#L173C21-L173C21","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-10T15:46:31Z/"}],"url":"https://github.com/librenms/librenms/blob/63eeeb71722237d1461a37bb6da99fda25e02c91/app/Http/Controllers/DeviceGroupController.php#L173C21-L173C21"},{"reference_url":"https://github.com/librenms/librenms/commit/faf66035ea1f4c1c4f34559b9d0ed40ee4a19f90","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-10T15:46:31Z/"}],"url":"https://github.com/librenms/librenms/commit/faf66035ea1f4c1c4f34559b9d0ed40ee4a19f90"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48295","reference_id":"CVE-2023-48295","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48295"},{"reference_url":"https://github.com/advisories/GHSA-8phr-637g-pxrg","reference_id":"GHSA-8phr-637g-pxrg","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8phr-637g-pxrg"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-8phr-637g-pxrg","reference_id":"GHSA-8phr-637g-pxrg","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-10T15:46:31Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-8phr-637g-pxrg"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67799?format=json","purl":"pkg:composer/librenms/librenms@23.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-48295","GHSA-8phr-637g-pxrg"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6cy6-6ss3-tqaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42398?format=json","vulnerability_id":"VCID-76bn-2u1y-kqf2","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nA stored Cross-site Scripting (XSS) vulnerability was found in librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0575","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07936","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07983","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07969","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07927","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07908","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07959","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0575"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54"},{"reference_url":"https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0575","reference_id":"CVE-2022-0575","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0575"},{"reference_url":"https://github.com/advisories/GHSA-hxmr-5gv9-6p8v","reference_id":"GHSA-hxmr-5gv9-6p8v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hxmr-5gv9-6p8v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60660?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-kn2w-mmss-s7hu"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0575","GHSA-hxmr-5gv9-6p8v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76bn-2u1y-kqf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46210?format=json","vulnerability_id":"VCID-af73-74xn-9fap","summary":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')\nSQL Injection in GitHub repository librenms/librenms prior to 23.10.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5591","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31306","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31297","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31274","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31378","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31344","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5591"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T17:15:06Z/"}],"url":"https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e"},{"reference_url":"https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T17:15:06Z/"}],"url":"https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5591","reference_id":"CVE-2023-5591","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5591"},{"reference_url":"https://github.com/advisories/GHSA-mr6h-7x2m-rgmq","reference_id":"GHSA-mr6h-7x2m-rgmq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mr6h-7x2m-rgmq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67342?format=json","purl":"pkg:composer/librenms/librenms@23.10.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.10.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-5591","GHSA-mr6h-7x2m-rgmq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-af73-74xn-9fap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41669?format=json","vulnerability_id":"VCID-bczm-p4wu-efdm","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nLibreNMS allows XSS via a widget title.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43324","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00111","published_at":"2026-06-08T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.0011","published_at":"2026-06-09T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00114","published_at":"2026-06-06T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00112","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43324"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/99d2462b80435b91a35236639b909eebee432126","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/99d2462b80435b91a35236639b909eebee432126"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43324","reference_id":"CVE-2021-43324","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43324"},{"reference_url":"https://github.com/advisories/GHSA-46rx-6jg9-4fh8","reference_id":"GHSA-46rx-6jg9-4fh8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-46rx-6jg9-4fh8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59686?format=json","purl":"pkg:composer/librenms/librenms@21.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-1q9d-aqn7-67ad"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-47n6-dbkp-gbb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-64kz-hnxr-vud5"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-76bn-2u1y-kqf2"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-kn2w-mmss-s7hu"},{"vulnerability":"VCID-m1hm-kqrc-3kbj"},{"vulnerability":"VCID-m6z4-dez3-5kac"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-q6u9-mpr9-8qd2"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-r5m1-15dd-yfc4"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-wkt4-vdr8-mkgk"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@21.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2021-43324","GHSA-46rx-6jg9-4fh8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bczm-p4wu-efdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46432?format=json","vulnerability_id":"VCID-cvn6-ggwj-9fcm","summary":"LibreNMS vulnerable to rate limiting bypass on login page\nLibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain access to user accounts. This issue has been addressed in version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46745","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00787","published_at":"2026-06-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00782","published_at":"2026-06-09T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00781","published_at":"2026-06-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00789","published_at":"2026-06-06T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00786","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46745"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/7c006e96251ae1d32e1a015b361a7bfbb815c028","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/7c006e96251ae1d32e1a015b361a7bfbb815c028"},{"reference_url":"https://github.com/librenms/librenms/pull/15558","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/15558"},{"reference_url":"https://github.com/librenms/librenms/releases/tag/23.11.0","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/releases/tag/23.11.0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46745","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46745"},{"reference_url":"https://github.com/advisories/GHSA-rq42-58qf-v3qx","reference_id":"GHSA-rq42-58qf-v3qx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rq42-58qf-v3qx"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx","reference_id":"GHSA-rq42-58qf-v3qx","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-29T14:08:45Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-rq42-58qf-v3qx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67799?format=json","purl":"pkg:composer/librenms/librenms@23.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-46745","GHSA-rq42-58qf-v3qx"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvn6-ggwj-9fcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42538?format=json","vulnerability_id":"VCID-kn2w-mmss-s7hu","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0772","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0389","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03903","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03906","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03883","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03867","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03891","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0772"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281"},{"reference_url":"https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0772","reference_id":"CVE-2022-0772","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0772"},{"reference_url":"https://github.com/advisories/GHSA-vhm6-gw82-6f8j","reference_id":"GHSA-vhm6-gw82-6f8j","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vhm6-gw82-6f8j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60817?format=json","purl":"pkg:composer/librenms/librenms@22.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0772","GHSA-vhm6-gw82-6f8j"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kn2w-mmss-s7hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42399?format=json","vulnerability_id":"VCID-m1hm-kqrc-3kbj","summary":"Improper Access Control\nImproper access control was found in librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0580","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00033","published_at":"2026-06-08T12:55:00Z"},{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00032","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0580"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7"},{"reference_url":"https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0580","reference_id":"CVE-2022-0580","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0580"},{"reference_url":"https://github.com/advisories/GHSA-33wf-4crm-2322","reference_id":"GHSA-33wf-4crm-2322","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-33wf-4crm-2322"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60660?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-kn2w-mmss-s7hu"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0580","GHSA-33wf-4crm-2322"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m1hm-kqrc-3kbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41788?format=json","vulnerability_id":"VCID-m6z4-dez3-5kac","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nLibrenms is affected by a Cross Site Scripting (XSS) vulnerability in `includes/html/common/alert-log.inc.php`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44277","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00096","published_at":"2026-06-04T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00098","published_at":"2026-06-07T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00097","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44277"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/pull/13554","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/13554"},{"reference_url":"https://github.com/librenms/librenms/pull/13554/commits/fff7b45a7599f8f13a55250dc5f2b957f3394194","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/13554/commits/fff7b45a7599f8f13a55250dc5f2b957f3394194"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44277","reference_id":"CVE-2021-44277","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44277"},{"reference_url":"https://github.com/advisories/GHSA-4gwh-2pqx-f5cc","reference_id":"GHSA-4gwh-2pqx-f5cc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4gwh-2pqx-f5cc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2021-44277","GHSA-4gwh-2pqx-f5cc"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6z4-dez3-5kac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46042?format=json","vulnerability_id":"VCID-mhf4-mtt1-t3fn","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5060","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00178","published_at":"2026-06-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.0018","published_at":"2026-06-06T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00179","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5060"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/8fd8d9b06a11060de5dc69588a1a83594a7e6f72","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T14:21:40Z/"}],"url":"https://github.com/librenms/librenms/commit/8fd8d9b06a11060de5dc69588a1a83594a7e6f72"},{"reference_url":"https://huntr.dev/bounties/01b0917d-f92f-4903-9eca-bcfc46e847e3","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T14:21:40Z/"}],"url":"https://huntr.dev/bounties/01b0917d-f92f-4903-9eca-bcfc46e847e3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5060","reference_id":"CVE-2023-5060","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5060"},{"reference_url":"https://github.com/advisories/GHSA-2q8c-gqf4-mg3v","reference_id":"GHSA-2q8c-gqf4-mg3v","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2q8c-gqf4-mg3v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66999?format=json","purl":"pkg:composer/librenms/librenms@23.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-5060","GHSA-2q8c-gqf4-mg3v"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhf4-mtt1-t3fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46034?format=json","vulnerability_id":"VCID-n5u3-c21p-ukas","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in librenms/librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4980","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1182","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11856","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1175","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11862","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4980"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/cfd642be6a1e988453bd63069d17db3664e7de97","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:54Z/"}],"url":"https://github.com/librenms/librenms/commit/cfd642be6a1e988453bd63069d17db3664e7de97"},{"reference_url":"https://huntr.dev/bounties/470b9b13-b7fe-4b3f-a186-fdc5dc193976","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:54Z/"}],"url":"https://huntr.dev/bounties/470b9b13-b7fe-4b3f-a186-fdc5dc193976"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4980","reference_id":"CVE-2023-4980","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4980"},{"reference_url":"https://github.com/advisories/GHSA-qxrq-376q-p39h","reference_id":"GHSA-qxrq-376q-p39h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qxrq-376q-p39h"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66945?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4980","GHSA-qxrq-376q-p39h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n5u3-c21p-ukas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46035?format=json","vulnerability_id":"VCID-nyn8-7mkk-zbb3","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in librenms/librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4978","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00346","published_at":"2026-06-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00344","published_at":"2026-06-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-06-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00351","published_at":"2026-06-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00352","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4978"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/e4c46a45364cb944b94abf9b83f0558b2c4c2fb7","reference_id":"","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:04Z/"}],"url":"https://github.com/librenms/librenms/commit/e4c46a45364cb944b94abf9b83f0558b2c4c2fb7"},{"reference_url":"https://huntr.dev/bounties/cefd9295-2053-4e6e-a130-7e1f845728f4","reference_id":"","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:04Z/"}],"url":"https://huntr.dev/bounties/cefd9295-2053-4e6e-a130-7e1f845728f4"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4978","reference_id":"CVE-2023-4978","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4978"},{"reference_url":"https://github.com/advisories/GHSA-qjpw-rg56-jh8v","reference_id":"GHSA-qjpw-rg56-jh8v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qjpw-rg56-jh8v"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66945?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4978","GHSA-qjpw-rg56-jh8v"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyn8-7mkk-zbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41784?format=json","vulnerability_id":"VCID-q6u9-mpr9-8qd2","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nLibrenms is affected by a Cross Site Scripting (XSS) vulnerability in `includes/html/forms/poller-groups.inc.php`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44279","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00096","published_at":"2026-06-04T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00098","published_at":"2026-06-07T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00097","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44279"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/pull/13554","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/13554"},{"reference_url":"https://github.com/librenms/librenms/pull/13554/commits/4f231a0f49b6c953d506913364ffd7fb3a660630","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/13554/commits/4f231a0f49b6c953d506913364ffd7fb3a660630"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44279","reference_id":"CVE-2021-44279","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44279"},{"reference_url":"https://github.com/advisories/GHSA-5vr6-hm68-5j9p","reference_id":"GHSA-5vr6-hm68-5j9p","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5vr6-hm68-5j9p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2021-44279","GHSA-5vr6-hm68-5j9p"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6u9-mpr9-8qd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41801?format=json","vulnerability_id":"VCID-r5m1-15dd-yfc4","summary":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nLibrenms is affected by a path manipulation vulnerability in includes/html/pages/device/showconfig.inc.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44278","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00063","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44278"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/pull/13554","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/13554"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44278","reference_id":"CVE-2021-44278","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-44278"},{"reference_url":"https://github.com/advisories/GHSA-7289-chwj-7h86","reference_id":"GHSA-7289-chwj-7h86","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7289-chwj-7h86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/59706?format=json","purl":"pkg:composer/librenms/librenms@201609.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2021-44278","GHSA-7289-chwj-7h86"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r5m1-15dd-yfc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46036?format=json","vulnerability_id":"VCID-sa1y-ej2a-fba9","summary":"LibreNMS Code Injection vulnerability\nCode Injection in GitHub repository librenms/librenms prior to 23.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4977","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18876","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18774","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18755","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18835","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4977"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/1194934d31c795a3f6877a96ffaa34b1f475bdd0","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:32:02Z/"}],"url":"https://github.com/librenms/librenms/commit/1194934d31c795a3f6877a96ffaa34b1f475bdd0"},{"reference_url":"https://huntr.dev/bounties/3db8a1a4-ca2d-45df-be18-a959ebf82fbc","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:32:02Z/"}],"url":"https://huntr.dev/bounties/3db8a1a4-ca2d-45df-be18-a959ebf82fbc"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4977","reference_id":"CVE-2023-4977","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4977"},{"reference_url":"https://github.com/advisories/GHSA-57m2-mpc7-gwgx","reference_id":"GHSA-57m2-mpc7-gwgx","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-57m2-mpc7-gwgx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66945?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4977","GHSA-57m2-mpc7-gwgx"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sa1y-ej2a-fba9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46030?format=json","vulnerability_id":"VCID-u1km-tzd2-5bhq","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in librenms/librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4982","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00343","published_at":"2026-06-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00346","published_at":"2026-06-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00352","published_at":"2026-06-06T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00344","published_at":"2026-06-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00351","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4982"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:05Z/"}],"url":"https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769"},{"reference_url":"https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:05Z/"}],"url":"https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4982","reference_id":"CVE-2023-4982","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4982"},{"reference_url":"https://github.com/advisories/GHSA-m6jj-fgmh-3p8r","reference_id":"GHSA-m6jj-fgmh-3p8r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m6jj-fgmh-3p8r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66945?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4982","GHSA-m6jj-fgmh-3p8r"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1km-tzd2-5bhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46038?format=json","vulnerability_id":"VCID-us6w-wwkm-dqc5","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in librenms/librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4979","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1182","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11856","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.1175","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11862","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4979"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/49d66fa31b43acef02eaa09ee9af15fe7e16cd03","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:14Z/"}],"url":"https://github.com/librenms/librenms/commit/49d66fa31b43acef02eaa09ee9af15fe7e16cd03"},{"reference_url":"https://huntr.dev/bounties/e67f8f5d-4048-404f-9b86-cb6b8719b77f","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:29:14Z/"}],"url":"https://huntr.dev/bounties/e67f8f5d-4048-404f-9b86-cb6b8719b77f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4979","reference_id":"CVE-2023-4979","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4979"},{"reference_url":"https://github.com/advisories/GHSA-jp3c-g46v-jg2c","reference_id":"GHSA-jp3c-g46v-jg2c","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jp3c-g46v-jg2c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66945?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4979","GHSA-jp3c-g46v-jg2c"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-us6w-wwkm-dqc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57875?format=json","vulnerability_id":"VCID-uzy1-yh5d-dqbt","summary":"LibreNMS allows stored XSS in Alert Template name field\nA stored Cross-Site Scripting (XSS) vulnerability exists in LibreNMS (<= 25.6.0) in the Alert Template creation feature. This allows a user with the **admin role** to inject malicious JavaScript, which will be executed when the template is rendered, potentially compromising other admin accounts.\n\n---","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55296","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04536","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0455","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04526","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04558","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04502","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55296"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/8ade3d827d317f5ac4b336617aafff865f825958","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-18T17:37:45Z/"}],"url":"https://github.com/librenms/librenms/commit/8ade3d827d317f5ac4b336617aafff865f825958"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55296","reference_id":"CVE-2025-55296","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55296"},{"reference_url":"https://github.com/advisories/GHSA-vxq6-8cwm-wj99","reference_id":"GHSA-vxq6-8cwm-wj99","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vxq6-8cwm-wj99"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-vxq6-8cwm-wj99","reference_id":"GHSA-vxq6-8cwm-wj99","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-18T17:37:45Z/"}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-vxq6-8cwm-wj99"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86116?format=json","purl":"pkg:composer/librenms/librenms@25.8.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-rq5b-4ktu-syf3"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@25.8.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2025-55296","GHSA-vxq6-8cwm-wj99"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzy1-yh5d-dqbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46027?format=json","vulnerability_id":"VCID-w9mu-bbkx-sbeq","summary":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in librenms/librenms.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4981","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16458","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16539","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16581","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16473","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16584","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4981"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:46Z/"}],"url":"https://github.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7"},{"reference_url":"https://huntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-20T17:28:46Z/"}],"url":"https://huntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4981","reference_id":"CVE-2023-4981","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4981"},{"reference_url":"https://github.com/advisories/GHSA-5jjm-qp48-qp86","reference_id":"GHSA-5jjm-qp48-qp86","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5jjm-qp48-qp86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/66945?format=json","purl":"pkg:composer/librenms/librenms@23.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-4981","GHSA-5jjm-qp48-qp86"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9mu-bbkx-sbeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42436?format=json","vulnerability_id":"VCID-wkt4-vdr8-mkgk","summary":"Missing Authorization in librenms/librenms\nMissing Authorization in Packagist librenms/librenms prior to 22.2.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0588","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00043","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0588"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7"},{"reference_url":"https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d"},{"reference_url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0588","reference_id":"CVE-2022-0588","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0588"},{"reference_url":"https://github.com/advisories/GHSA-254q-rqmw-vx45","reference_id":"GHSA-254q-rqmw-vx45","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-254q-rqmw-vx45"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60660?format=json","purl":"pkg:composer/librenms/librenms@22.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-13ug-m6cb-hbcc"},{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-kn2w-mmss-s7hu"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"},{"vulnerability":"VCID-zech-eg55-gbcn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-0588","GHSA-254q-rqmw-vx45"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkt4-vdr8-mkgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46434?format=json","vulnerability_id":"VCID-y3qu-d719-jff6","summary":"LibreNMS has Broken Access control on Graphs Feature\nLibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions of LibreNMS when a user accesses their device dashboard, one request is sent to `graph.php` to access graphs generated on the particular Device. This request can be accessed by a low privilege user and they can enumerate devices on librenms with their id or hostname. Leveraging this vulnerability a low privilege user can see all devices registered by admin users. This vulnerability has been addressed in commit `489978a923` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48294","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06904","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06873","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06866","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06918","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06914","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48294"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/blob/fa93034edd40c130c2ff00667ca2498d84be6e69/html/graph.php#L19C1-L25C2","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/blob/fa93034edd40c130c2ff00667ca2498d84be6e69/html/graph.php#L19C1-L25C2"},{"reference_url":"https://github.com/librenms/librenms/commit/489978a923ed52aa243d3419889ca298a8a6a7cf","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/489978a923ed52aa243d3419889ca298a8a6a7cf"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48294","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48294"},{"reference_url":"https://github.com/advisories/GHSA-fpq5-4vwm-78x4","reference_id":"GHSA-fpq5-4vwm-78x4","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fpq5-4vwm-78x4"},{"reference_url":"https://github.com/librenms/librenms/security/advisories/GHSA-fpq5-4vwm-78x4","reference_id":"GHSA-fpq5-4vwm-78x4","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/security/advisories/GHSA-fpq5-4vwm-78x4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67799?format=json","purl":"pkg:composer/librenms/librenms@23.11.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3prv-5fpd-c3hd"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@23.11.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2023-48294","GHSA-fpq5-4vwm-78x4"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3qu-d719-jff6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109274?format=json","vulnerability_id":"VCID-zech-eg55-gbcn","summary":"LibreNMS stored Cross-site Scripting via Schedule Maintenance `Title` parameter\nLibreNMS versions 22.8.0 and prior allow attackers to execute arbitrary JavaScript code via the Schedule Maintenance `Title` parameter. A patch is available and anticipated to be part of version 22.9.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3231","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55366","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55377","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55372","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55346","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55316","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3231"},{"reference_url":"https://github.com/librenms/librenms","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms"},{"reference_url":"https://github.com/librenms/librenms/commit/08050020861230ff96a6507b309cc172a9e70af8","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/commit/08050020861230ff96a6507b309cc172a9e70af8"},{"reference_url":"https://github.com/librenms/librenms/pull/14360","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/librenms/librenms/pull/14360"},{"reference_url":"https://huntr.dev/bounties/bcb6ee68-1452-4fdb-932a-f1031d10984f","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/bcb6ee68-1452-4fdb-932a-f1031d10984f"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3231","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3231"},{"reference_url":"https://github.com/advisories/GHSA-3jh2-wmv7-m932","reference_id":"GHSA-3jh2-wmv7-m932","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3jh2-wmv7-m932"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/146087?format=json","purl":"pkg:composer/librenms/librenms@22.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ccw-938t-yyaj"},{"vulnerability":"VCID-2t5k-atx8-eycd"},{"vulnerability":"VCID-2w1a-3ym6-hygb"},{"vulnerability":"VCID-2z9m-fwyr-17b3"},{"vulnerability":"VCID-3b6p-2q4u-kkb5"},{"vulnerability":"VCID-5f5f-pkcz-bfhr"},{"vulnerability":"VCID-5hwq-6gme-c3gh"},{"vulnerability":"VCID-5vg7-7y5w-muhw"},{"vulnerability":"VCID-6cy6-6ss3-tqaz"},{"vulnerability":"VCID-7f5s-p5u4-abhh"},{"vulnerability":"VCID-7fbt-znx9-ukaj"},{"vulnerability":"VCID-7m7b-578h-bqhj"},{"vulnerability":"VCID-7s6j-vmn5-p7eh"},{"vulnerability":"VCID-7srz-umtt-n7e1"},{"vulnerability":"VCID-8ks5-6azh-67ed"},{"vulnerability":"VCID-8nsn-f1fc-6ucm"},{"vulnerability":"VCID-98mh-t1va-xqa8"},{"vulnerability":"VCID-99dx-dees-2fg3"},{"vulnerability":"VCID-af73-74xn-9fap"},{"vulnerability":"VCID-appm-zs6z-v3b2"},{"vulnerability":"VCID-b67g-878z-sygx"},{"vulnerability":"VCID-bfnn-xz3r-sfcv"},{"vulnerability":"VCID-ca8g-usbx-5ydu"},{"vulnerability":"VCID-cvn6-ggwj-9fcm"},{"vulnerability":"VCID-dff6-r5mp-p3d5"},{"vulnerability":"VCID-f9v9-rmse-cbcg"},{"vulnerability":"VCID-fc9k-4dhn-m7du"},{"vulnerability":"VCID-gj21-fy13-33h2"},{"vulnerability":"VCID-h5y9-mrn4-q7br"},{"vulnerability":"VCID-hacq-7c9c-qkaz"},{"vulnerability":"VCID-hj1w-rpxt-4ygp"},{"vulnerability":"VCID-jjwh-716d-73hc"},{"vulnerability":"VCID-jwh7-vtxs-aqhr"},{"vulnerability":"VCID-kkqd-nzsw-23cr"},{"vulnerability":"VCID-mchv-4jpx-audc"},{"vulnerability":"VCID-me5y-39aj-fkhe"},{"vulnerability":"VCID-mhf4-mtt1-t3fn"},{"vulnerability":"VCID-n5u3-c21p-ukas"},{"vulnerability":"VCID-ncgs-c7tb-gbfg"},{"vulnerability":"VCID-nyn8-7mkk-zbb3"},{"vulnerability":"VCID-pksv-nv1a-sqev"},{"vulnerability":"VCID-qhpe-7ws8-kqb7"},{"vulnerability":"VCID-qqnn-43db-guek"},{"vulnerability":"VCID-sa1y-ej2a-fba9"},{"vulnerability":"VCID-t5mk-a8n2-rkcg"},{"vulnerability":"VCID-u1km-tzd2-5bhq"},{"vulnerability":"VCID-us6w-wwkm-dqc5"},{"vulnerability":"VCID-uuwy-rk5r-tkc7"},{"vulnerability":"VCID-ux81-kyy9-bkaz"},{"vulnerability":"VCID-uzy1-yh5d-dqbt"},{"vulnerability":"VCID-v2sw-u952-7qfz"},{"vulnerability":"VCID-v3wv-6q6b-fqa3"},{"vulnerability":"VCID-vepx-waum-1bfc"},{"vulnerability":"VCID-w5dm-5pyj-cfef"},{"vulnerability":"VCID-w9mu-bbkx-sbeq"},{"vulnerability":"VCID-whxh-v47a-8yhh"},{"vulnerability":"VCID-x1aq-5a19-yye7"},{"vulnerability":"VCID-y3qu-d719-jff6"},{"vulnerability":"VCID-y5mq-m57f-b3bx"},{"vulnerability":"VCID-y6jm-2987-9uh2"},{"vulnerability":"VCID-yhmt-yukb-kuge"},{"vulnerability":"VCID-ywp5-cwm9-afb5"},{"vulnerability":"VCID-z744-37t6-pud6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@22.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/539238?format=json","purl":"pkg:composer/librenms/librenms@201609","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}],"aliases":["CVE-2022-3231","GHSA-3jh2-wmv7-m932"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zech-eg55-gbcn"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/librenms/librenms@201609"}