Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-33qf-q99x-wpm8
  • PyPI/homeassistant-cli
 Home Assistant Command-line Interface: Handling of user-supplied Jinja2 templates 16 Apr
  • Fix available
  • Severity - 5.6 (Medium)
GHSA-46j8-vpx8-6p72
  • PyPI/homeassistant
 Home Assistant has stored XSS in history-graphs 27 Mar
  • Fix available
  • Severity - 1.1 (Low)
GHSA-r584-6283-p7xc
  • PyPI/homeassistant
 Home Assistant has stored XSS in Map-card through malicious device name 27 Mar
  • Fix available
  • Severity - 1.1 (Low)
GHSA-pp3g-xmm4-5cw9
  • PyPI/homeassistant
 Home Assistant Core before is vulnerable to Directory Traversal 23 Dec 2025
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-mq77-rv97-285m
  • PyPI/homeassistant
 Home Assistant has Stored XSS vulnerability in Energy dashboard from Energy Entity Name 14 Oct 2025
  • Fix available
  • Severity - 8.5 (High)
GHSA-m3pm-rpgg-5wj6
  • PyPI/homeassistant
 Home Assistant does not correctly validate SSL for outgoing requests in core and used libs 18 Feb 2025
  • Fix available
  • Severity - 7.0 (High)
GHSA-jqpc-rc7g-vf83
  • PyPI/homeassistant
 User accounts disclosed to unauthenticated actors on the LAN 15 Dec 2023
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-qhhj-7hrc-gqj5
  • PyPI/homeassistant
 Home Assistant vulnerable to account takeover via auth_callback login 26 Oct 2023
  • Fix available
  • Severity - 5.1 (Medium)
PYSEC-2023-214
  • PyPI/homeassistant
 See record for full details 20 Oct 2023
  • Fix available
  • Severity - 5.4 (Medium)
GHSA-mh78-8f49-vjg3
  • PyPI/homeassistant
 Home Assistant information disclosure vulnerability 24 May 2022
  • Fix available
  • Severity - 8.7 (High)
PYSEC-2019-221
  • PyPI/homeassistant
 See record for full details 23 Sep 2019
  • Fix available