Esphome Esphome Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Esphome Esphome Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-57808 — CVSS 8.1 (high): ESPHome is a system to control microcontrollers remotely through Home Automation systems. In version 2025.8.0 in the ESP-IDF platform…
CVE-2021-41104 — CVSS 7.5 (high): ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or…