HIGH SeverityCVSS 4.08.5CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVE-2026-6204
Last updated Apr 13, 2026 · Published Apr 13, 2026
Description
LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server.
Affected products
1 listed- librenms:librenms
Mappings
CWE
CWE-78
CAPEC
CAPEC-88
CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use. Terms