Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/28 5:1 p.m.6 views

CVE-2026-44794

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, in the case of inter-object references via GenericForeignKey a pattern allowing an object to reference another object that may belong to one of several different "content types" or database tables,...

5.4CVSS5.8AI score0.00023EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2026/05/28 5:1 p.m.26 views

CVE-2026-44794 Nautobot: REST API permits creation of GenericForeignKey references to objects that the user should not be able to reference

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, in the case of inter-object references via GenericForeignKey a pattern allowing an object to reference another object that may belong to one of several different "content types" or database tables,...

5.4CVSS0.00023EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/28 4:59 p.m.8 views

CVE-2026-44797

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot's Webhook data model and associated feature set could be configured by users with sufficient access to perform requests to various hosts and IP addresses that should not be permitted, allowi...

8.5CVSS5.8AI score0.00037EPSS
Exploits0References6Affected Software1
OSV
OSVadded 2026/05/13 3:31 p.m.4 views

GHSA-P3HX-PWF3-J8WR Nautobot: GitRepository.current_head field should not be writable through REST API

Impact A user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause Nautobot's local clones of the relevant repository to checkout a commit other than the latest...

7.1CVSS5.7AI score0.00056EPSS
Exploits0References7
Snyk
Snykadded 2026/05/13 3:30 p.m.6 views

Server-side Request Forgery (SSRF)

Overview nautobot is a Source of truth and network automation platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Webhook process. An attacker can access internal or restricted network resources by configuring webhooks to send requests to...

8.5CVSS5.8AI score0.00037EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/05/13 3:30 p.m.3 views

Nautobot: REST API permits creation of GenericForeignKey references to objects that the user should not be able to reference

Impact In the case of inter-object references via GenericForeignKey a pattern allowing an object to reference another object that may belong to one of several different "content types" or database tables, when creating or updating an object containing a GenericForeignKey, Nautobot's REST API fail...

5.4CVSS5.7AI score0.00023EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVASadded 2018/07/20 12:0 a.m.64 views

Apache HTTP Server 'mod_md' Denial of Service Vulnerability - Windows

Apache HTTP Server is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.4AI score0.77835EPSS
Exploits0References2
Rows per page
Query Builder