CVE-2026-40602: CWE-94: Improper Control of Generation of Code ('Code Injection') in home-assistant-ecosystem home-assistant-cli
The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-cli an unrestricted environment was used to handle Jninja2 templates instead of a sandboxed one. The user-supplied input within Jinja2 templates was rendered locally with no restrictions. This gave users access to Python's internals and extended the scope of templating beyond the intended usage. This vulnerability is fixed in 1.0.0.
AI Analysis
Technical Summary
The Home Assistant CLI (hass-cli) versions before 1.0.0 used an unrestricted environment to render Jinja2 templates, which allowed user-supplied input to execute arbitrary Python code locally. This improper control of code generation (CWE-94) extends the templating scope beyond intended usage, potentially enabling code injection attacks. The vulnerability is addressed by introducing sandboxing in version 1.0.0, preventing untrusted template code from accessing Python internals.
Potential Impact
Successful exploitation could allow a user with access to the CLI to execute arbitrary Python code locally, potentially leading to unauthorized information disclosure or modification of the system state. The CVSS vector indicates that exploitation requires local access with high privileges and user interaction, and the impact is high on confidentiality and integrity but does not affect availability.
Mitigation Recommendations
Upgrade home-assistant-cli to version 1.0.0 or later, where this vulnerability is fixed by sandboxing Jinja2 template rendering. No other mitigations are indicated or necessary once the update is applied.
CVE-2026-40602: CWE-94: Improper Control of Generation of Code ('Code Injection') in home-assistant-ecosystem home-assistant-cli
Description
The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-cli an unrestricted environment was used to handle Jninja2 templates instead of a sandboxed one. The user-supplied input within Jinja2 templates was rendered locally with no restrictions. This gave users access to Python's internals and extended the scope of templating beyond the intended usage. This vulnerability is fixed in 1.0.0.
CVSS v3.1
Score 5.6medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Home Assistant CLI (hass-cli) versions before 1.0.0 used an unrestricted environment to render Jinja2 templates, which allowed user-supplied input to execute arbitrary Python code locally. This improper control of code generation (CWE-94) extends the templating scope beyond intended usage, potentially enabling code injection attacks. The vulnerability is addressed by introducing sandboxing in version 1.0.0, preventing untrusted template code from accessing Python internals.
Potential Impact
Successful exploitation could allow a user with access to the CLI to execute arbitrary Python code locally, potentially leading to unauthorized information disclosure or modification of the system state. The CVSS vector indicates that exploitation requires local access with high privileges and user interaction, and the impact is high on confidentiality and integrity but does not affect availability.
Mitigation Recommendations
Upgrade home-assistant-cli to version 1.0.0 or later, where this vulnerability is fixed by sandboxing Jinja2 template rendering. No other mitigations are indicated or necessary once the update is applied.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-04-14T14:07:59.641Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e7bb7219fe3cd2cdedac86
Added to database: 4/21/2026, 6:01:22 PM
Last enriched: 4/21/2026, 6:16:30 PM
Last updated: 6/5/2026, 12:24:01 PM
Views: 67
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.