The release notes for Cacti 0.8.7i indicate that two security vulnerabilities were fixed, though no corresponding CVE has been issued.