Skip to content

Security: mitchell-es/librenms

Security

SECURITY.md

Security Policy

Supported Versions

Only the most recent monthly release and daily release recieve security updates. LibreNMS is supported by volunteers, they all do their best to keep LibreNMS secure.

Reporting a Vulnerability

Like anyone, we appreciate the work people put in to find flaws in software and welcome anyone to do so with LibreNMS, this will lead to better quality and more secure software for everyone.

If you think you've found a vulnerability and want to discuss it with some of the core team then you can contact us on Discord and we will endeavour to get back to as quick as we can, this is usually within 24 hours.

We are happy to attribute credit to the findings, but we ask that we're given a chance to patch any vulnerability before public disclosure so that our users can update as soon as a fix is available.

Reporting a Vulnerability

If you discover a security vulnerability in librenms please disclose it via our huntr page. Bounty eligibility, CVE assignment, response times and past reports are all there.

Thank you for improving the security of librenms.

There aren’t any published security advisories