Is CVE-2026-39951 being exploited?

No public exploit is currently tracked.

How severe is CVE-2026-39951?

CVE-2026-39951 has a CVSS v3 severity of HIGH (7.6).

Back

CVE-2026-39951

Description

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vulnerability through graph_name_regexp in the Reports feature. This issue has been fixed in version 1.2.31.