Known Vulnerabilities for products from Home-assistant
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Home-assistant".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40602 json | Not Provided | 2026-04-21 | 2026-04-21 | |
| CVE-2026-34205 json | Not Provided | 2026-03-27 | 2026-04-01 | |
| CVE-2026-33045 json | Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-33044 json | Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2020.02... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2023-44385 json | The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. Attack... | 8.8 - HIGH | 2023-10-19 | 2023-10-26 |
| CVE-2023-41899 json | Home assistant is an open source home automation. In affected versions the `hassio.addon_stdin` is vulnerable to a partial Se... | 7.2 - HIGH | 2023-10-19 | 2023-10-26 |
| CVE-2023-41898 json | Home assistant is an open source home automation. The Home Assistant Companion for Android app up to version 2023.8.2 is vuln... | 7.8 - HIGH | 2023-10-19 | 2023-10-26 |
| CVE-2023-41897 json | Home assistant is an open source home automation. Home Assistant server does not set any HTTP security headers, including the... | 9.6 - CRITICAL | 2023-10-19 | 2023-10-26 |
| CVE-2023-41896 json | Home assistant is an open source home automation. Whilst auditing the frontend code to identify hidden parameters, Cure53 det... | 9 - CRITICAL | 2023-10-19 | 2023-10-26 |
| CVE-2023-41895 json | Home assistant is an open source home automation. The Home Assistant login page allows users to use their local Home Assistan... | 9.6 - CRITICAL | 2023-10-19 | 2023-10-26 |
| CVE-2023-41894 json | Home assistant is an open source home automation. The assessment verified that webhooks available in the webhook component ar... | 5.3 - MEDIUM | 2023-10-20 | 2023-10-26 |
| CVE-2023-41893 json | Home assistant is an open source home automation. The audit team’s analyses confirmed that the `redirect_uri` and `client_i... | 5.4 - MEDIUM | 2023-10-20 | 2023-10-26 |
| CVE-2023-27482 json | homeassistant is an open source home automation tool. A remotely exploitable vulnerability bypassing authentication for acces... | 10 - CRITICAL | 2023-03-08 | 2023-05-17 |
| CVE-2021-3152 json | ** DISPUTED ** Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal a... | 5.3 - MEDIUM | 2021-01-26 | 2023-11-07 |
| CVE-2020-36517 json | An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator ... | 7.5 - HIGH | 2022-03-10 | 2022-03-14 |
| CVE-2018-21019 json | Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the... | 7.5 - HIGH | 2019-09-23 | 2019-09-23 |
| CVE-2017-16782 json | In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown t... | 6.1 - MEDIUM | 2017-11-10 | 2017-11-29 |
Known software with vulnerabilities from Home-assistant
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Home-assistant | Home-assistant | 0.10 |