Lucene search

9 matches found

RedhatCVE
added 2026/03/26 3:11 p.m. | views: 1

CVE-2026-32112

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form renders user-controlled parameters via Python f-strings with no HTML escaping. An attacker who can reach the OAuth endpoint and convince the server operator to follow a crafted authorization URL could execute...

CVSS 6.8 | AI score 5.9 | EPSS 0.00037
Exploits: 0 | References: 1
EUVD
added 2026/03/12 2:23 p.m. | views: 3

EUVD-2026-11383

ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle...

CVSS 5.3 | AI score 5.8 | EPSS 0.00042
Exploits: 0 | References: 2
Snyk
added 2026/03/12 2:23 p.m. | views: 1

Server-side Request Forgery (SSRF)

Overview: ha-mcp is a Home Assistant MCP Server - Complete control of Home Assistant through MCP. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the ha_url parameter in the OAuth consent form and forged tokens in REST and WebSocket tool calls. An attacker ca...

CVSS 6.9 | AI score 5.8 | EPSS 0.00042
Exploits: 0 | References: 2
NVD
added 2026/03/11 9:16 p.m. | views: 1

CVE-2026-32111

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form beta feature accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network...

CVSS 5.3 | EPSS 0.00042
Exploits: 0 | References: 1
CVE
added 2026/03/11 8:42 p.m. | views: 5

CVE-2026-32112

ha-mcp (Home Assistant MCP Server) is affected prior to 7.0.0 by an XSS vulnerability in the OAuth consent form. The issue arises because the consent form renders user-controlled parameters using Python f-strings without HTML escaping, allowing an attacker who can reach the OAuth endpoint and ind...

CVSS 6.8 | AI score 5.8 | EPSS 0.00037
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2026/03/11 8:41 p.m. | views: 22

CVE-2026-32111 ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form beta feature accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network...

CVSS 5.3 | EPSS 0.00042
Exploits: 0 | References: 1
ATTACKERKB
added 2026/03/11 8:41 p.m. | views: 2

CVE-2026-32111

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form beta feature accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network...

CVSS 5.3 | AI score 6 | EPSS 0.00042
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2026/03/11 8:41 p.m. | views: 5

CVE-2026-32111

CVE-2026-32111 affects ha-mcp, a Home Assistant MCP Server. Before version 7.0.0, the ha-mcp OAuth consent form (beta) accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config without URL validation. An unauthenticated attacker can submit arbitrary URLs to perfor...

CVSS 5.3 | AI score 6 | EPSS 0.00042
Exploits: 0 | References: 1 | Affected Software: 1
Positive Technologies
added 2026/03/11 12:0 a.m. | views: 2

PT-2026-24837

ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form beta feature accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network...

CVSS 5.3 | AI score 6 | EPSS 0.00042
Exploits: 0 | References: 4