Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Vulnrichment
Vulnrichmentadded last week2 views

CVE-2026-44798 Nautobot: GitRepository.current_head field should not be writable through REST API

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause...

7.1CVSS5.8AI score0.00056EPSS
Exploits0References5
OSV
OSVadded 2026/05/13 3:31 p.m.2 views

GHSA-P3HX-PWF3-J8WR Nautobot: GitRepository.current_head field should not be writable through REST API

Impact A user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause Nautobot's local clones of the relevant repository to checkout a commit other than the latest...

7.1CVSS5.7AI score0.00056EPSS
Exploits0References6
Snyk
Snykadded 2026/05/13 3:31 p.m.6 views

Exposed Dangerous Method or Function

Overview nautobot is a Source of truth and network automation platform. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the currenthead field in the REST API. An attacker can manipulate the state of local repository clones or render them unusable by...

7.1CVSS5.9AI score0.00056EPSS
Exploits0References3
Rows per page
Query Builder