CVE-2026-29514P2HIGHCVSS 8.8≥ 4.3.5, ≤ 4.5.42026-05-04
CVE-2026-29514 [HIGH] CWE-183 CVE-2026-29514: NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTempl
NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environment_params() method that allows authenticated users with exporttemplate or configtemplate permissions to execute arbitrary code by specifying malicious Python callables in the environment_params field. Attackers can bypass Jinja2 Sa
nvd