CVE-2026-23833
- EPSS 0.07%
- Veröffentlicht 19.01.2026 17:58:50
- Zuletzt bearbeitet 04.03.2026 15:02:35
ESPHome is a system to control microcontrollers remotely through Home Automation systems. In versions 2025.9.0 through 2025.12.6, an integer overflow in the API component's protobuf decoder allows denial-of-service attacks when API encryption is not ...
CVE-2025-57808
- EPSS 4.05%
- Veröffentlicht 02.09.2025 00:26:09
- Zuletzt bearbeitet 10.09.2025 19:03:00
ESPHome is a system to control microcontrollers remotely through Home Automation systems. In version 2025.8.0 in the ESP-IDF platform, ESPHome's web_server authentication check can pass incorrectly when the client-supplied base64-encoded Authorizatio...
CVE-2024-29019
- EPSS 0.06%
- Veröffentlicht 11.04.2024 01:25:11
- Zuletzt bearbeitet 21.11.2024 09:07:23
ESPHome is a system to control microcontrollers remotely through Home Automation systems. API endpoints in dashboard component of ESPHome version 2023.12.9 (command line installation) are vulnerable to Cross-Site Request Forgery (CSRF) allowing remot...
CVE-2024-27287
- EPSS 0.15%
- Veröffentlicht 06.03.2024 19:15:07
- Zuletzt bearbeitet 03.03.2026 14:45:54
ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installat...
CVE-2024-27081
- EPSS 5.35%
- Veröffentlicht 26.02.2024 17:15:10
- Zuletzt bearbeitet 07.02.2025 17:33:26
ESPHome is a system to control your ESP8266/ESP32. A security misconfiguration in the edit configuration file API in the dashboard component of ESPHome version 2023.12.9 (command line installation) allows authenticated remote attackers to read and wr...