librenms/librenms vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the librenms/librenms package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H SQL Injection	>=25.10.0
H Cross-site Scripting (XSS)	>=25.10.0, <25.11.0
M Weak Password Requirements	>=25.10.0, <25.11.0
M Cross-site Scripting (XSS)	<25.10.0
M Cross-site Scripting (XSS)	<25.10.0
M Cross-site Scripting (XSS)	<25.7.0
M Cross-site Scripting (XSS)	<25.8.0
H PHP Remote File Inclusion	<25.7.0
M Cross-site Scripting (XSS)	<25.5.0
M Cross-site Scripting (XSS)	<24.11.0
M Cross-site Scripting (XSS)	<24.11.0
M Cross-site Scripting (XSS)	<24.11.0
M Cross-site Scripting (XSS)	<24.11.0
M Cross-site Scripting (XSS)	<24.12.0
M Cross-site Scripting (XSS)	>=24.9.0, <24.10.1
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Command Injection	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.10.0
M Cross-site Scripting (XSS)	<24.9.0
H Cross-site Scripting (XSS)	<24.9.0
M Cross-site Scripting (XSS)	<24.9.0
M Cross-site Scripting (XSS)	<24.9.0
M Cross-site Scripting (XSS)	<24.9.0
M Cross-site Scripting (XSS)	<24.9.0
H Cross-site Scripting (XSS)	<24.4.0
H SQL Injection	<24.4.0
H SQL Injection	<24.4.0
M Information Exposure	<23.11.0
M Cross-site Scripting (XSS)	<23.11.0
M Allocation of Resources Without Limits or Throttling	<23.11.0
H SQL Injection	>=0.0.0
H Cross-site Scripting (XSS)	<23.9.1
H Arbitrary Code Injection	<23.9.0
H Cross-site Scripting (XSS)	<23.9.0
H Cross-site Scripting (XSS)	<23.9.0
H Cross-site Scripting (XSS)	<23.9.0
H Cross-site Scripting (XSS)	<23.9.0
H Cross-site Scripting (XSS)	<23.9.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	<22.10.0
M Cross-site Scripting (XSS)	<22.10.0
H Cross-site Scripting (XSS)	<22.10.0
L Insufficient Session Expiration	<22.10.0
L Cross-site Scripting (XSS)	<22.10.0
C Deserialization of Untrusted Data	<22.10.0
M Cross-site Scripting (XSS)	<22.10.0
M Cross-site Scripting (XSS)	<22.10.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	<22.7.0
M Cross-site Scripting (XSS)	<22.7.0
H Command Injection	<22.4.0
M Cross-site Scripting (XSS)	>=0.0.0, <22.4.0
M Cross-site Scripting (XSS)	>=0.0.0
M Information Exposure	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
H Improper Authorization	>=0.0.0
H Improper Access Control	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
H Directory Traversal	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0
C Cross-site Scripting (XSS)	>=0.0
M Cross-site Scripting (XSS)	<21.4.0
H SQL Injection	<21.1.0
M Improper Access Control	<1.65.1
C SQL Injection	<1.65.1
M Information Exposure	<1.50.1
M Cross-site Scripting (XSS)	<1.50.1
M Directory Traversal	<1.53
H SQL Injection	<1.53
H SQL Injection	<1.53
H Directory Traversal	<1.53
H Command Injection	<1.50.1
H Authentication Bypass	<1.50.1
M Insufficient Input Validation	<1.53
M Insufficient Input Validation	<1.53
M Arbitrary File Read	<1.31
H Command Injection	>=1.46
H SQL Injection	<1.48
M Cross-site Scripting (XSS)	<1.44

Vulnerability

Vulnerable Version

SQL Injection

>=25.10.0