Sysadminsmedia Homebox — known CVE vulnerabilities
Every CVE whose affected-product data names Sysadminsmedia Homebox, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2026-40196 — CVSS 8.1 (high): HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained…
CVE-2026-27981 — CVSS 7.4 (high): HomeBox is a home inventory and organization system. Prior to 0.24.0, the authentication rate limiter (authRateLimiter) tracks failed…
CVE-2026-27600 — CVSS 5.0 (medium): HomeBox is a home inventory and organization system. Prior to 0.24.0-rc.1, the notifier functionality allows authenticated users to specify…
CVE-2026-26272 — CVSS 4.6 (medium): HomeBox is a home inventory and organization system. Prior to 0.24.0-rc.1, a stored cross-site scripting (XSS) vulnerability exists in the…