HIGH
Networktocode
CVE published 2026-05-28
CVE-2026-44798
A vulnerability in Nautobot, a Network Source of Truth and Network Automation Platform, allows authenticated users with GitRepository modification privileges to manipulate repository state through unauthorized API field access. The `current_head` field, intended for internal use only, can be directly set via REST API calls. This enables attackers to force Nautobot's local repository clones to checkout arb [truncated]