CVE-2026-34203 | Nautobot up to 2.4.29/3.0.9 REST API nautobot_config.py weak password (GHSA-xmpv-j7p2-j873)

Inserito da Angelo Barbosa | Apr 1, 2026 | CVE

A vulnerability classified as critical was found in Nautobot up to 2.4.29/3.0.9. This affects an unknown function of the file nautobot_config.py of the component REST API. Such manipulation leads to weak password requirements.

This vulnerability is traded as CVE-2026-34203. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-34203 | Nautobot up to 2.4.29/3.0.9 REST API nautobot_config.py weak password (GHSA-xmpv-j7p2-j873)

Post correlati

CVE-2025-57624 | CYRISMA Agent up to 443 uncontrolled search path

CVE-2024-9326 | PHPGurukul Online Shopping Portal 2.0 Admin Panel index.php username sql injection

CVE-2026-3101 | Intelbras TIP 635G 1.12.3.5 Ping os command injection

CVE-2025-25895 | D-Link DSL-3782 1.01 Packet public_type os command injection