NIXPKGS-2026-1093

GitHub issue published on

Permalink CVE-2026-6204

updated 2 weeks, 1 day ago by @LeSuisse Activity log

Created suggestion 2 weeks, 1 day ago
@LeSuisse accepted 2 weeks, 1 day ago
@LeSuisse published on GitHub 2 weeks, 1 day ago

LibreNMS versions before 26.3.0 are affected by an authenticated remote …

LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server.

References

Affected products

librenms

<26.3.0

Matching in nixpkgs

pkgs.librenms

Auto-discovering PHP/MySQL/SNMP based network monitoring

nixos-unstable 26.2.0
- nixpkgs-unstable 26.2.0
- nixos-unstable-small 26.2.0
nixos-25.11 25.10.0
- nixos-25.11-small 25.10.0
- nixpkgs-25.11-darwin 25.10.0

Package maintainers

@yuyuyureka Yureka <yuka@yuka.dev>
@n0emis Ember Keske <nixpkgs@n0emis.network>
@johannwagner Johann Wagner <nix@wagner.digital>
@NetaliDev Jennifer Graul <me@netali.de>

Nixpkgs security tracker

Details of issue NIXPKGS-2026-1093

References

Affected products

Matching in nixpkgs

pkgs.librenms

Package maintainers