3 matches found
CVE-2026-33045
Home Assistant CVE-2026-33045 is a stored XSS vulnerability in the Energy dashboard triggered by an energy entity name. Affected versions are 2025.02 through 2026.00.x (prior to 2026.01); it is fixed in 2026.01. The issue arises when entity names containing HTML are rendered in graph tooltips, en...
CVE-2026-33045 Home Assistant has stored XSS in history-graphs
Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02 and prior to version 2026.01 the "remaining charge time"-sensor for mobile phones imported/included from Android Auto it appears is vulnerable cross-site scripting, simila...
CVE-2026-33045 Home Assistant has stored XSS in history-graphs
Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02 and prior to version 2026.01 the "remaining charge time"-sensor for mobile phones imported/included from Android Auto it appears is vulnerable cross-site scripting, simila...