Only the most recent monthly release and daily release recieve security updates. LibreNMS is supported by volunteers, they all do their best to keep LibreNMS secure.
Like anyone, we appreciate the work people put in to find flaws in software and welcome anyone to do so with LibreNMS, this will lead to better quality and more secure software for everyone.
If you think you've found a vulnerability and want to discuss it with some of the core team then you can contact us on Discord and we will endeavour to get back to as quick as we can, this is usually within 24 hours.
We are happy to attribute credit to the findings, but we ask that we're given a chance to patch any vulnerability before public disclosure so that our users can update as soon as a fix is available.
If you discover a security vulnerability in librenms please disclose it via our GitHub Security Advisories Page.
Thank you for improving the security of librenms.