CVE-2026-2752

Name of the Vulnerable Software and Affected Versions Navtor NavBox (affected versions not specified)

Description A remote, unauthenticated attacker can send crafted requests to the /api/ais-data endpoint, triggering an unhandled exception. This causes the server to return verbose .NET stack traces, exposing internal class names, method calls, and third-party library references such as System.Data.SQLite. This information may assist attackers in mapping the application's internal structure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.