PT-2026-28606 · Unknown · Home Assistant
Published: 2026-03-27 · Updated: 2026-04-02
CVE-2026-34205
CVSS v3.1: 9.6 (Critical)
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Home Assistant versions prior to 2026.03.02
Description
Home Assistant is open source home automation software focused on local control and privacy. Home Assistant apps, when configured with host network mode, expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. This configuration does not restrict access to the app as intended, allowing any device on the same network to reach these endpoints without authentication.
Recommendations
Update to Home Assistant Supervisor version 2026.03.02 or later.
Fix
RCE
Weakness Enumeration
Related Identifiers
Affected Products
Home Assistant