Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:11 p.m.7 views

CVE-2026-44798

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause...

7.1CVSS5.4AI score0.00277EPSS
Exploits0References1
NVD
NVDadded 2026/05/28 6:16 p.m.12 views

CVE-2026-44798

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause...

7.1CVSS0.00277EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/28 4:57 p.m.10 views

EUVD-2026-32973

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause...

7.1CVSS5.8AI score0.00277EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/28 4:57 p.m.28 views

CVE-2026-44798 Nautobot: GitRepository.current_head field should not be writable through REST API

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause...

7.1CVSS0.00277EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/28 4:57 p.m.7 views

CVE-2026-44798

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause...

7.1CVSS5.8AI score0.00277EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2026/05/28 4:57 p.m.14 views

CVE-2026-44798

CVE-2026-44798 affects Nautobot before versions 2.4.33 and 3.1.2, where a user with access to add/change a GitRepository could misuse the REST API to directly set the repository’s current_head field, which was not intended to be user-editable. This could cause local clones to checkout a non-lates...

7.1CVSS5.8AI score0.00277EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blogadded 2026/05/13 3:31 p.m.8 views

Nautobot: GitRepository.current_head field should not be writable through REST API

Impact A user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause Nautobot's local clones of the relevant repository to checkout a commit other than the latest...

7.1CVSS5.7AI score0.00277EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/13 12:0 a.m.11 views

PT-2026-40720

Name of the Vulnerable Software and Affected Versions Nautobot versions prior to 2.4.33 Nautobot versions prior to 3.1.2 Description A user with permissions to add or modify a GitRepository record can use the REST API to directly set the current head field, which is not intended to be...

7.1CVSS5.8AI score0.00277EPSS
Exploits0References12
Rows per page
Query Builder