Default Credentials Vulnerability in Roche Diagnostics navify Digital Pathology
CVE-2026-9844

8.8HIGH

Key Information:

Vendor: Roche Diagnostics
Status: Navify Digital Pathology
Vendor: CVE Published:; 2 June 2026

🔔 Create Roche Diagnostics Vulnerability Alert

What is CVE-2026-9844?

The vulnerability in Roche Diagnostics navify Digital Pathology arises from the presence of default usernames and passwords in the RabbitMQ Management interface modules. This issue impacts versions ranging from 2.0.0 up to, but not including, 2.4.1. Attackers may exploit this security flaw to gain unauthorized access to sensitive systems, emphasizing the critical need for organizations to change default credentials to strengthen their cybersecurity posture. Ensure your installations are upgraded to secure versions to mitigate potential risks.

Affected Version(s)

navify Digital Pathology 2.0.0 <= 2.4.1

References

https://diagnostics.roche.com/global/en/legal/product-sec...

vendor-advisory

CVSS V4

Score:

8.8

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
May 28, 2026

CVE-2026-9844 Data

JSON