Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-hwxw-m79f-b3e8
Vulnerability ID VCID-hwxw-m79f-b3e8
Aliases CVE-2026-33045
GHSA-46j8-vpx8-6p72
Summary
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00011 https://api.first.org/data/v1/epss?cve=CVE-2026-33045
cvssv3.1_qr LOW https://github.com/advisories/GHSA-46j8-vpx8-6p72
cvssv4 1.1 https://github.com/home-assistant/core
generic_textual LOW https://github.com/home-assistant/core
cvssv3.1_qr LOW https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
cvssv4 1.1 https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
cvssv4 7.3 https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
generic_textual LOW https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
ssvc Track* https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
cvssv4 1.1 https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
cvssv4 7.3 https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
generic_textual LOW https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
ssvc Track* https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
cvssv4 1.1 https://nvd.nist.gov/vuln/detail/CVE-2026-33045
generic_textual LOW https://nvd.nist.gov/vuln/detail/CVE-2026-33045
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2026-33045
https://github.com/home-assistant/core
https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
https://nvd.nist.gov/vuln/detail/CVE-2026-33045
GHSA-46j8-vpx8-6p72 https://github.com/advisories/GHSA-46j8-vpx8-6p72
GHSA-mq77-rv97-285m https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
No exploits are available.
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P Found at https://github.com/home-assistant/core
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P Found at https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P Found at https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:17Z/ Found at https://github.com/home-assistant/core/security/advisories/GHSA-46j8-vpx8-6p72
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P Found at https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P Found at https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-31T18:39:17Z/ Found at https://github.com/home-assistant/core/security/advisories/GHSA-mq77-rv97-285m
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P Found at https://nvd.nist.gov/vuln/detail/CVE-2026-33045
Attack Vector (AV) Attack Complexity (AC) Attack Requirements (AT) Privileges Required (PR) User Interaction (UI) Vulnerable System Impact Confidentiality (VC) Vulnerable System Impact Integrity (VI) Vulnerable System Impact Availability (VA) Subsequent System Impact Confidentiality (SC) Subsequent System Impact Integrity (SI) Subsequent System Impact Availability (SA)

network

adjacent

local

physical

low

high

none

present

none

low

high

none

passive

active

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.01392
EPSS Score 0.00011
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T23:08:07.307411+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0