{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26987", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-17T01:41:24.606Z", "datePublished": "2026-02-20T01:11:13.925Z", "dateUpdated": "2026-02-20T15:35:18.059Z"}, "containers": {"cna": {"title": "LibreNMS affected by reflected XSS via email field", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/librenms/librenms/security/advisories/GHSA-gqx7-99jw-6fpr", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-gqx7-99jw-6fpr"}, {"name": "https://github.com/librenms/librenms/pull/19038", "tags": ["x_refsource_MISC"], "url": "https://github.com/librenms/librenms/pull/19038"}, {"name": "https://github.com/librenms/librenms/commit/8e626b38ef92e240532cdac2ac7e38706a71208b", "tags": ["x_refsource_MISC"], "url": "https://github.com/librenms/librenms/commit/8e626b38ef92e240532cdac2ac7e38706a71208b"}, {"name": "https://github.com/librenms/librenms/releases/tag/26.2.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/librenms/librenms/releases/tag/26.2.0"}], "affected": [{"vendor": "librenms", "product": "librenms", "versions": [{"version": "< 26.2.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-20T01:11:13.925Z"}, "descriptions": [{"lang": "en", "value": "LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are vulnerable to Reflected XSS attacks via email field. This issue has been fixed in version 26.2.0."}], "source": {"advisory": "GHSA-gqx7-99jw-6fpr", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-20T15:31:42.695704Z", "id": "CVE-2026-26987", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T15:35:18.059Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26987", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-20T15:31:42.695704Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-20T15:31:44.404Z"}}], "cna": {"title": "LibreNMS affected by reflected XSS via email field", "source": {"advisory": "GHSA-gqx7-99jw-6fpr", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "librenms", "product": "librenms", "versions": [{"status": "affected", "version": "< 26.2.0"}]}], "references": [{"url": "https://github.com/librenms/librenms/security/advisories/GHSA-gqx7-99jw-6fpr", "name": "https://github.com/librenms/librenms/security/advisories/GHSA-gqx7-99jw-6fpr", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/librenms/librenms/pull/19038", "name": "https://github.com/librenms/librenms/pull/19038", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/librenms/librenms/commit/8e626b38ef92e240532cdac2ac7e38706a71208b", "name": "https://github.com/librenms/librenms/commit/8e626b38ef92e240532cdac2ac7e38706a71208b", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/librenms/librenms/releases/tag/26.2.0", "name": "https://github.com/librenms/librenms/releases/tag/26.2.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are vulnerable to Reflected XSS attacks via email field. This issue has been fixed in version 26.2.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-20T01:11:13.925Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26987", "state": "PUBLISHED", "dateUpdated": "2026-02-20T15:35:18.059Z", "dateReserved": "2026-02-17T01:41:24.606Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-20T01:11:13.925Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*", "matchCriteriaId": "C0838E1C-0369-4B31-9B51-83A5D2A7CAC9", "versionEndExcluding": "26.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. Versions 25.12.0 and below are vulnerable to Reflected XSS attacks via email field. This issue has been fixed in version 26.2.0."}], "id": "CVE-2026-26987", "lastModified": "2026-02-20T16:32:16.380", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-02-20T02:16:54.383", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/librenms/librenms/commit/8e626b38ef92e240532cdac2ac7e38706a71208b"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://github.com/librenms/librenms/pull/19038"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/librenms/librenms/releases/tag/26.2.0"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/librenms/librenms/security/advisories/GHSA-gqx7-99jw-6fpr"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,26.2.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "librenms", "source": "cna", "vendor": "librenms"}, "product": "librenms", "vendor": "librenms"}], "analysis": {"en": {"generated_at": "2026-04-17T17:35:36.229358+00:00", "value": {"mitigation_remediation": ["Upgrade LibreNMS to version\u202f26.2.0 or later to remove the reflected XSS flaw.", "If an upgrade is not immediately possible, modify the code to sanitize the email field before rendering, for example by applying htmlspecialchars or a stricter validation filter to strip scripts.", "Deploy a Content Security Policy that disallows inline scripting or limits script sources to trusted origins, mitigating the impact of any remaining reflected script execution."], "summary": {"action": "Apply patch", "impact": "Reflected Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "All LibreNMS releases up to and including 25.12.0 are vulnerable. The issue was addressed in version 26.2.0, so any deployment with the main LibreNMS application before that release must consider an upgrade. Vendors listed under librenms:librenms are affected if their installed version is older than 26.2.0.", "description_and_impact": "LibreNMS, an auto\u2011discovering PHP/MySQL/SNMP based network monitoring tool, contains a reflected XSS flaw that can be triggered through the email field in forms and URLs. The vulnerability allows an attacker to inject arbitrary JavaScript that executes in the victim\u2019s browser, potentially enabling session hijacking, credential theft, or defacement. The weakness is classified as CWE\u201179 and is measured at a CVSS score of 5.3.", "risk_and_exploitability": "The CVSS rating of 5.3 indicates moderate severity, while the EPSS score of less than 1% points to a very low likelihood of active exploitation. The flaw is not recorded in the CISA Known Exploited Vulnerabilities catalog. Attackers would typically need to entice a user to visit a page containing a malicious email string or to post such a string into the application, meaning the vector is user\u2011based interaction with the web interface and does not require privileged credentials."}}}}, "created": "2026-02-20T09:53:04.742596+00:00", "updated": "2026-04-17T17:45:24.341626+00:00", "vendors": ["librenms", "librenms$PRODUCT$librenms"]}