What is CVE-2026-54318?

CVE-2026-54318 is a high-severity vulnerability in Home-assistant Core, classified under CWE-926. CVSS score: 7.1/10. Published 2026-06-23.

How severe is CVE-2026-54318?

High severity. CVSS v3 base score is 7.1 out of 10.

Vulnerability in Home-assistant Core

CVE-2026-54318

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the LocationSensorManager BroadcastReceiver is exported with no permission. Any installed app, with zero runtime permissio…

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N.

Affected products

Home-assistant Core — versions < 2026.5.3

Weakness classification (CWE)

CWE-926

References

security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2026-54318?: CVE-2026-54318 is a high-severity vulnerability in Home-assistant Core, classified under CWE-926. CVSS score: 7.1/10. Published 2026-06-23.
How severe is CVE-2026-54318?: High severity. CVSS v3 base score is 7.1 out of 10.