CVE-2025-62412

LibreNMS is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts > Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0.

Published Oct 17, 2025

https://github.com/advisories/GHSA-6g2v-66ch-6xmh

CVSS ScoreMedium

4.8

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-62412

LibreNMS is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts > Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0.

Published Oct 17, 2025

https://github.com/advisories/GHSA-6g2v-66ch-6xmh

CVSS ScoreMedium

4.8


composer	librenms/librenms	25.8.0
composer	librenms/librenms	25.9.0
composer	librenms/librenms	25.9.1

Ecosystem	Package	Version


composer	librenms/librenms	25.8.0
composer	librenms/librenms	25.9.0
composer	librenms/librenms	25.9.1

Find vulnerabilities. Fix fast with AI.

CVE-2025-62412

CVE-2025-62412