Nixpkgs security tracker

Untriaged

Permalink CVE-2026-27016

5.4 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): NONE

created 2 months ago Activity log

Created suggestion 2 months ago

LibreNMS has Stored XSS in Custom OID - unit parameter missing strip_tags()

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 24.10.0 through 26.1.1 are vulnerable to Stored XSS via the unit parameter in Custom OID. The Custom OID functionality lacks strip_tags() sanitization while other fields (name, oid, datatype) are sanitized. The unsanitized value is stored in the database and rendered without HTML escaping. This issue is fixed in version 26.2.0.

References

https://github.com/librenms/librenms/security/advisories/GHSA-fqx6-693c-f55g x_refsource_CONFIRM
https://github.com/librenms/librenms/pull/19040 x_refsource_MISC
https://github.com/librenms/librenms/commit/3bea263e02441690c01dea7fa3fe6ffec94af335 x_refsource_MISC
https://github.com/librenms/librenms/releases/tag/26.2.0 x_refsource_MISC

Affected products

librenms

==>= 24.10.0, < 26.2.0

Matching in nixpkgs

pkgs.librenms

Auto-discovering PHP/MySQL/SNMP based network monitoring

nixos-unstable 25.12.0
- nixpkgs-unstable 25.12.0
- nixos-unstable-small 25.12.0
nixos-25.11 25.10.0
- nixos-25.11-small 25.10.0
- nixpkgs-25.11-darwin 25.10.0

Package maintainers

@vidister Fiona Weber <v@vidister.de>
@NetaliDev Jennifer Graul <me@netali.de>
@n0emis Ember Keske <nixpkgs@n0emis.network>
@yuyuyureka Yureka <yuka@yuka.dev>
@johannwagner Johann Wagner <nix@wagner.digital>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.librenms

Package maintainers