| CVE-2026-44797 |
high |
8.5 |
8.5 |
|
|
|
15d ago |
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot's Webhook data model and associated feature set could be configured by users with sufficient… |
| CVE-2026-44798 |
high |
7.1 |
7.1 |
|
|
|
15d ago |
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the cu… |
| CVE-2026-44796 |
medium |
6.5 |
6.5 |
|
|
|
15d ago |
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot UI object-bulk-rename endpoints (for example, /dcim/interfaces/rename/) were vulnerable to a… |
| CVE-2025-49142 |
medium |
— |
5.5 |
|
|
|
1y ago |
Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to insufficient security configu… |
| CVE-2026-44794 |
medium |
5.4 |
5.4 |
|
|
|
15d ago |
Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, in the case of inter-object references via GenericForeignKey (a pattern allowing an object to referen… |