Lucene search
K

8 matches found

NVD
NVD
added 2026/06/29 3:16 p.m.12 views

CVE-2026-55844

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...

7.5CVSS0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 2:19 p.m.5 views

CVE-2026-55844

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...

7.5CVSS5.8AI score0.00161EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/29 2:19 p.m.4 views

CVE-2026-55844 Home Assistant: iOS Companion App ignores internal SSID allowlist for connections – possible leak of access token and sensor data

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...

7.5CVSS5.9AI score0.00161EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/29 2:19 p.m.32 views

CVE-2026-55844 Home Assistant: iOS Companion App ignores internal SSID allowlist for connections – possible leak of access token and sensor data

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...

7.5CVSS0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.21 views

PT-2026-53283

Name of the Vulnerable Software and Affected Versions Home Assistant versions prior to 2025.5.0 Description The iOS companion app fails to respect the SSID allowlist for internal networks. While the app typically uses the Service Set Identifier SSID—the public name of a wireless network—to...

7.5CVSS5.8AI score0.00161EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/05/12 12:0 a.m.42 views

CVE-2022-29885 EncryptInterceptor does not provide complete protection on insecure networks

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide...

7.8AI score0.73139EPSS
Exploits5References6
ThreatPost
ThreatPost
added 2020/02/10 3:56 p.m.130 views

Emotet Now Hacks Nearby Wi-Fi Networks to Spread Like a Worm

A newly uncovered Emotet malware sample has the ability to spread to insecure Wi-Fi networks that are located nearby to an infected device. If the malware can spread to these nearby Wi-Fi networks, it then attempts to infect devices connected to them — a tactic that can rapidly escalate Emotet’s...

0.6AI score
Exploits0References8
Hacker One
Hacker One
added 2014/06/15 3:54 p.m.21 views

RelateIQ: Failed Certificate Validation On Custom Server (Register)

Hi, in the register page a custom server can be used to define "where to connect to". Your system does not validate the SSL certificate of this host which makes it easy to tamper with the data your system do in behalf of the user. As only SSL links are allowed by the application the user could...

0.4AI score
Exploits0
Rows per page
Query Builder