28 matches found

RedhatCVE
added 2026/03/28 11:09 p.m. | 3 views

CVE-2026-34205

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

CVSS 9.6 | AI score 5.9 | EPSS 0.00064
Exploits 0 | References 1
NVD
added 2026/03/27 8:16 p.m. | 0 views

CVE-2026-34205

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

CVSS 9.6 | EPSS 0.00064
Exploits 0 | References 1
ATTACKERKB
added 2026/03/27 7:41 p.m. | 1 views

CVE-2026-34205

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

CVSS 9.6 | AI score 5.9 | EPSS 0.00064
Exploits 0 | References 2 | Affected Software 2
Vulnrichment
added 2026/03/27 7:41 p.m. | 2 views

CVE-2026-34205 Home Assistant: Unauthenticated App (Add-on) Endpoints Exposed to Local Network via Host Network Mode

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

CVSS 9.6 | AI score 5.9 | EPSS 0.00064
Exploits 0 | References 1
EUVD
added 2026/03/27 7:41 p.m. | 0 views

EUVD-2026-16793

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

CVSS 9.6 | AI score 5.9 | EPSS 0.00064
Exploits 0 | References 1
CVE
added 2026/03/27 7:41 p.m. | 5 views

CVE-2026-34205

CVE-2026-34205 relates to Home Assistant apps (formerly add-ons) that, when configured with host network mode, expose unauthenticated endpoints bound to the internal Docker bridge. This configuration on Linux allows any device on the same network to reach these endpoints without authentication, e...

CVSS 9.6 | AI score 5.9 | EPSS 0.00064
Exploits 0 | References 1
Cvelist
added 2026/03/27 7:41 p.m. | 19 views

CVE-2026-34205 Home Assistant: Unauthenticated App (Add-on) Endpoints Exposed to Local Network via Host Network Mode

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuratio...

CVSS 9.6 | EPSS 0.00064
Exploits 0 | References 1
Positive Technologies
added 2026/03/27 12:00 a.m. | 2 views

PT-2026-28606

Name of the Vulnerable Software and Affected Versions: Home Assistant versions prior to 2026.03.02. Description: Home Assistant is open source home automation software focused on local control and privacy. Home Assistant apps, when configured with host network mode, expose unauthenticated endpoints...

CVSS 9.6 | AI score 5.9 | EPSS 0.00064
Exploits 0 | References 7
CNNVD
added 2026/03/27 12:00 a.m. | 4 views

Home Assistant Security Vulnerability

Home Assistant is an open-source family automation management system developed by Home Assistant. This system is primarily used to control household automation devices. Home Assistant has a security vulnerability that stems from applications configured in host network mode, which exposes...

CVSS 9.6 | AI score 5.8 | EPSS 0.00064
Exploits 0 | References 2
OSV
added 2026/03/02 11:37 p.m. | 6 views

GHSA-WW6V-V748-X7G9 OpenClaw has a sandbox network isolation bypass via docker.network=container:<id>

Summary: In [email protected], sandbox network hardening blocks network=host but still allows network=container:<id>. This can let a sandbox join another container's network namespace and reach services available in that namespace. Preconditions and Trust Model Context: This issue requires a...

CVSS 9 | AI score 6 | EPSS 0.00065
Exploits 0 | References 6
Github Security Blog
added 2026/03/02 11:37 p.m. | 10 views

OpenClaw has a sandbox network isolation bypass via docker.network=container:<id>

Summary: In [email protected], sandbox network hardening blocks network=host but still allows network=container:<id>. This can let a sandbox join another container's network namespace and reach services available in that namespace. Preconditions and Trust Model Context: This issue requires a...

CVSS 9.8 | AI score 6 | EPSS 0.00065
Exploits 0 | References 6 | Affected Software 1
RedhatCVE
added 2025/07/06 2:14 p.m. | 6 views

CVE-2025-38184

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer. The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun. tipc: Started in network mode tipc:...

CVSS 7 | AI score 6.3 | EPSS 0.00105
Exploits 0 | References 4
NVD
added 2025/07/04 2:15 p.m. | 7 views

CVE-2025-38184

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer. The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun. tipc: Started in network mode tipc: Nod...

CVSS 5.5 | EPSS 0.00105
Exploits 0 | References 10
OSV
added 2025/07/04 1:37 p.m. | 6 views

CVE-2025-38184 tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer. The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPC_NL_UDP_GET_REMOTEIP with media name set to tun. tipc: Started in network mode tipc: Nod...

CVSS 5.5 | AI score 6.4 | EPSS 0.00105
Exploits 0 | References 13
ATTACKERKB
added 2025/05/07 6:15 p.m. | 0 views

CVE-2025-20155

A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is firs...

CVSS 6 | AI score 5.9 | EPSS 0.00112
Exploits 0 | References 2 | Affected Software 1
RedHat Linux
added 2023/11/14 3:46 p.m. | 2 views

kernel: net/mlx5e: TC, Fix using eswitch mapping in nic mode

A flaw was found in the Linux kernel net/mlx5e Ethernet driver’s traffic control handling code. Under certain configurations when operating in NIC mode, the driver erroneously uses the eswitch object mapping pool, which is not initialized in that mode. This can lead to an invalid mapping referenc...

AI score 5.7 | EPSS 0.00022
Exploits 0 | References 5
RedHat Linux
added 2023/11/07 9:03 a.m. | 1 views

kernel: net/mlx5e: TC, Fix using eswitch mapping in nic mode

A flaw was found in the Linux kernel net/mlx5e Ethernet driver’s traffic control handling code. Under certain configurations when operating in NIC mode, the driver erroneously uses the eswitch object mapping pool, which is not initialized in that mode. This can lead to an invalid mapping referenc...

AI score 5.7 | EPSS 0.00022
Exploits 0 | References 5
SUSE CVE
added 2023/02/15 5:59 a.m. | 2 views

SUSE CVE-2010-1187

The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer...

CVSS 4.9 | AI score 6.5 | EPSS 0.0013
Exploits 1 | References 3
NVD
added 2021/10/19 7:15 p.m. | 11 views

CVE-2021-31354

An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode to use Juniper Agile License Manager may allow an attacker to cause a partial Denial of Service (DoS), or lead t...

CVSS 8.8 | EPSS 0.00279
Exploits 0 | References 1
OSV
added 2021/10/19 7:15 p.m. | 1 views

CVE-2021-31354

An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode to use Juniper Agile License Manager may allow an attacker to cause a partial Denial of Service (DoS), or lead t...

CVSS 8.8 | AI score 6.3
Exploits 0 | References 1