Vulnerabilities

CVE-2026-26989 - LibreNMS has Stored XSS in Alert Rule

2026-02-20 0 views admin

CVE ID : CVE-2026-26989 Published : Feb. 20, 2026, 2:16 a.m. | 26 minutes ago Description : LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Alert Rules workflow. An attacker with administrative privileges can inject malicious scripts that execute in the browser context of any user who accesses the Alert Rules page. This issue has been fixed in version 26.2.0. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-26989

Severity

MEDIUM

Published

Feb. 20, 2026

Affected Product: PHP

Attack Vector: network

Impact: XSS

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-26989mediumphp

CVE-2026-26989 - LibreNMS has Stored XSS in Alert Rule

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-3134 - itsourcecode News Portal Project edit-category.php sql injection

CVE-2026-3133 - itsourcecode Document Management System Login loging.php sql injection

CVE-2025-46320 - FileMaker WebDirect Cross-Site Scripting (XSS)

CVE-2026-21410 - InSAT MasterSCADA BUK-TS SQL Injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting