EIP-2026-110314

PRE-CVE

OpenNMS < 1.5.96 - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110314. PoCs published by BugSec LTD.

AI-analyzed exploit summary This document details multiple vulnerabilities in OpenNMS, including HTTP Response Splitting and Cross-Site Scripting (XSS). It provides proof-of-concept URLs demonstrating how an attacker can inject malicious headers or execute arbitrary JavaScript in the context of the affected site.

Description

OpenNMS < 1.5.96 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED
by BugSec LTD · textwebappsphp
https://www.exploit-db.com/exploits/6676

This document details multiple vulnerabilities in OpenNMS, including HTTP Response Splitting and Cross-Site Scripting (XSS). It provides proof-of-concept URLs demonstrating how an attacker can inject malicious headers or execute arbitrary JavaScript in the context of the affected site.

Classification
Writeup 100%
Attack Type
Xss | Other
Complexity
Trivial
Reliability
Reliable
Target: OpenNMS 1.5.93-1
No auth needed
Prerequisites: Network access to the OpenNMS server
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026