CVE-2026-9844 | THREATINT

Description

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1.

PUBLISHED Reserved 2026-05-28 | Published 2026-06-02 | Updated 2026-06-02 | Assigner Roche

HIGH: 8.8CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:L/SI:L/SA:L/S:N/AU:Y/R:U/V:D/RE:M/U:Green

Problem types

CWE-1392 Use of default credentials

Product status

Default status

unaffected

2.0.0 (semver)

affected

References

diagnostics.roche.com/...egal/product-security-advisory.html vendor-advisory

cve.org (CVE-2026-9844)

nvd.nist.gov (CVE-2026-9844)

Download JSON