CVE-2026-2754 — Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute — CVE Database · The Intelligence Room