XSS in Librenms

CVE-2026-2728

LibreNMS versions before 26.3.0 are affected by an authenticated Cross-site Scripting vulnerability on the showconfig page. Successful exploitation requires administrative privileges. Exploitation could result in XSS attacks being performe…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (0.1th percentile) — read the EPSS interpretation.