24/12/2025

ZDI-25-1182: LibreNMS Alert Rule API Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute arbitrary script on affected installations of LibreNMS. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.3. The following CVEs are assigned: CVE-2025-68614.

Comments are closed.

You may also like

ZDI-25-915: Linux Kernel io_uring Futex Request Use-After-Free Local Privilege Escalation Vulnerability

ZDI-26-128: (Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability