CVE-2026-29514 | NetBox up to 4.5.4 RenderTemplateMixin.get_environment_params finalize permissive list of allowed inputs

A vulnerability identified as critical has been detected in NetBox up to 4.5.4. This impacts the function RenderTemplateMixin.get_environment_params. This manipulation of the argument finalize causes permissive list of allowed inputs.

This vulnerability is registered as CVE-2026-29514. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More