Lookup for vulnerable packages by Package URL.
| Purl | pkg:pypi/ha-mcp@4.7.0 |
|---|
| Type | pypi |
|---|
| Namespace | |
|---|
| Name | ha-mcp |
|---|
| Version | 4.7.0 |
|---|
| Qualifiers |
|
|---|
| Subpath | |
|---|
| Is_vulnerable | true |
|---|
| Next_non_vulnerable_version | 7.0.0 |
|---|
| Latest_non_vulnerable_version | 7.5.0 |
|---|
| Affected_by_vulnerabilities |
| 0 |
| url |
VCID-g4q4-hvg9-f3ax |
| vulnerability_id |
VCID-g4q4-hvg9-f3ax |
| summary |
ha-mcp OAuth 2.1 DCR mode enables network reconnaissance via an error oracle
The ha-mcp OAuth consent form (beta feature) accepts a user-supplied `ha_url` and makes a server-side HTTP request to `{ha_url}/api/config` with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network reconnaissance via an error oracle. Two additional code paths in OAuth tool calls (REST and WebSocket) are affected by the same primitive.
The primary deployment method (private URL with pre-configured `HOMEASSISTANT_TOKEN`) is not affected. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-32111 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.1301 |
| published_at |
2026-06-09T12:55:00Z |
|
| 1 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.13103 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.13107 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.13067 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00042 |
| scoring_system |
epss |
| scoring_elements |
0.12979 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-32111 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-32111, GHSA-fmfg-9g7c-3vq7
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-g4q4-hvg9-f3ax |
|
| 1 |
| url |
VCID-m8f2-55sm-y3dq |
| vulnerability_id |
VCID-m8f2-55sm-y3dq |
| summary |
ha-mcp has XSS via Unescaped HTML in OAuth Consent Form
The ha-mcp OAuth consent form renders user-controlled parameters via Python f-strings with no HTML escaping. An attacker who can reach the OAuth endpoint and convince the server operator to follow a crafted authorization URL could execute JavaScript in the operator's browser. This affects only users running the beta OAuth mode (`ha-mcp-oauth`), which is not part of the standard setup and requires explicit configuration. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2026-32112 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11345 |
| published_at |
2026-06-09T12:55:00Z |
|
| 1 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1145 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11447 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.1141 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00037 |
| scoring_system |
epss |
| scoring_elements |
0.11329 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2026-32112 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2026-32112, GHSA-pf93-j98v-25pv
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m8f2-55sm-y3dq |
|
|
|---|
| Fixing_vulnerabilities |
|
|---|
| Risk_score | 3.1 |
|---|
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:pypi/ha-mcp@4.7.0 |
|---|