Browse all 75 CVE security advisories affecting LibreNMS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LibreNMS is an open-source network monitoring system designed for automated discovery and comprehensive device tracking, primarily serving IT infrastructure teams. Its architecture, built on PHP and MySQL, has historically exposed it to a significant volume of security flaws, currently totaling 75 recorded CVEs. Common vulnerability classes include remote code execution, cross-site scripting, and SQL injection, often stemming from insufficient input validation in web interfaces. Privilege escalation issues have also been prevalent, allowing unauthorized users to gain administrative control. While the project maintains an active community response to patch these defects, the sheer number of disclosed issues highlights the challenges of maintaining complex web-based monitoring tools. Recent incidents have largely focused on authenticated attacks, emphasizing the critical need for strict access controls and regular updates to mitigate exploitation risks in production environments.
CVE-2024-515022026-05-08GHSA-pr3g-phhr-h8fh2026-04-18CVE-2026-304802026-04-18CVE-2026-269902026-02-21CVE-2024-514942026-02-21CVE-2026-269922026-02-21CVE-2026-269882026-02-21CVE-2025-650142025-11-19CVE-2021-467122025-10-17CVE-2025-52962025-08-20CVE-2025-541382025-07-26Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with LibreNMS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.