RCE in Jurajnyiri Homeassistant-tapo-control

CVE-2025-55192

HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect user…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.003 (23.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-55192?
CVE-2025-55192 is a vulnerability in Jurajnyiri Homeassistant-tapo-control, classified under Code Injection. Published 2025-08-14.
Is CVE-2025-55192 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.