CVE-2026-9844
Deferred Deferred - Pending Action
Default Credentials in Roche navify Digital Pathology

Publication date: 2026-06-02

Last updated on: 2026-06-02

Assigner: Roche Diagnostics

Description
Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-02
Last Modified
2026-06-02
Generated
2026-06-22
AI Q&A
2026-06-02
EPSS Evaluated
2026-06-21
NVD
CVE-2026-9844
EUVD
EUVD-2026-33923
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
roche_diagnostics navify_digital_pathology From 2.0.0 (inc) to 2.4.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1392 The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

The vulnerability can lead to unauthorized access to the navify Digital Pathology system, potentially allowing attackers to view, modify, or disrupt sensitive pathology data and system operations. This can result in data breaches, loss of data integrity, and disruption of medical diagnostic services.

Executive Summary

This vulnerability involves the use of default credentials in the Roche Diagnostics navify Digital Pathology software, specifically in the RabbitMQ Management interface modules. It allows attackers to access the system using default usernames and passwords that have not been changed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9844. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart