VIR Vulnerability Intelligence Relay

Package impact

python PyPI / nautobot

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-44798 high 8.0 15d ago Nautobot: GitRepository.current_head field should not be writable through REST API python
CVE-2026-44797 high 8.0 15d ago Nautobot: Webhook definitions could be used for server-side request forgery (SSRF) python
CVE-2026-44796 medium 5.5 15d ago Nautobot: Object bulk rename UI actions vulnerable to denial of service by crafted regular expression (REDoS) python
CVE-2026-44794 medium 5.5 15d ago Nautobot: REST API permits creation of GenericForeignKey references to objects that the user should not be able to reference python
CVE-2025-49142 medium 5.5 1y ago Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configu… python
CVE-2026-34203 unknown 2mo ago Nautobot: Management of users via REST API does not apply configured password validators python
CVE-2025-49143 unknown 1y ago Nautobot may allows uploaded media files to be accessible without authentication python
CVE-2024-36112 unknown 2y ago Nautobot is a Network Source of Truth and Network Automation Platform. A user with permissions to view Dynamic Group records (`extras.view_dynamicgroup` permission) can use the Dynamic Group detail U… python
CVE-2024-34707 unknown 2y ago Nautobot's BANNER_* configuration can be used to inject arbitrary HTML content into Nautobot pages python
CVE-2024-32979 unknown 2y ago nautobot has reflected Cross-site Scripting potential in all object list views python
CVE-2024-29199 unknown 2y ago Unauthenticated views may expose information to anonymous users python
CVE-2024-23345 unknown 2y ago Nautobot is a Network Source of Truth and Network Automation Platform built as a web application. All users of Nautobot versions earlier than 1.6.10 or 2.1.2 are potentially impacted by a cross-site… python
CVE-2023-51649 unknown 3y ago Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. When submitting a Job to run via… python
CVE-2023-50263 unknown 3y ago Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 1.x and 2.0.x prior … python
CVE-2023-48705 unknown 3y ago Nautobot is a Network Source of Truth and Network Automation Platform built as a web application All users of Nautobot versions earlier than 1.6.6 or 2.0.5 are potentially affected by a cross-site sc… python
CVE-2023-46128 unknown 3y ago Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. In Nautobot 2.0.x, certain REST API endpoints, in combinatio… python
CVE-2023-25657 unknown 3y ago Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions earlier than 1.5.7 are impacted by a remote code execution vulnerability. Nautobot did not proper… python