Description
The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-cli an unrestricted environment was used to handle Jninja2 templates instead of a sandboxed one. The user-supplied input within Jinja2 templates was rendered locally with no restrictions. This gave users access to Python's internals and extended the scope of templating beyond the intended usage. This vulnerability is fixed in 1.0.0.
Published: 2026-04-21
Score: 5.6 Medium
EPSS: n/a
KEV: No
Impact: Local code execution via unrestricted Jinja2 templating
Action: Immediate Patch
AI Analysis

Impact

The Home Assistant Command‑line interface (hass‑cli) previously used an unrestricted Jinja2 environment to render user‑supplied templates, allowing full access to Python’s internals. As a result, an attacker could construct a malicious template that executes arbitrary Python code locally. This vulnerability is a classic example of improper restriction of operations (CWE‑1336) and improper code generation control (CWE‑94), and it permits local code execution beyond the intended templating functionality.

Affected Systems

The bug affects the Home Assistant Ecosystem’s home‑assistant‑cli product, specifically all releases up to and including 0.x versions; the vulnerability was fixed in version 1.0.0 and later.

Risk and Exploitability

The CVSS score of 5.6 indicates medium severity, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires local access to the hass‑cli utility or the ability to supply a template to the tool, meaning the threat is confined to users with sufficient privilege on the host machine. If those conditions are met, an attacker can run arbitrary code on the system, potentially leading to full compromise of the host.

Generated by OpenCVE AI on April 22, 2026 at 05:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade hass‑cli to version 1.0.0 or newer, where the Jinja2 environment is sandboxed.
  • Restrict template execution to pre‑approved scripts or environments, for example by disabling user‑supplied templates or enforcing a whitelist of allowed expressions.
  • Apply role‑based access controls so that only trusted users can invoke hass‑cli with arbitrary Jinja2 templates, reducing the risk of local code execution attacks.

Generated by OpenCVE AI on April 22, 2026 at 05:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-33qf-q99x-wpm8 Home Assistant Command-line Interface: Handling of user-supplied Jinja2 templates
History

Wed, 22 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Description The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assitant-cli an unrestricted environment was used to handle Jninja2 templates instead of a sandboxed one. The user-supplied input within Jinja2 templates was rendered locally with no restrictions. This gave users access to Python's internals and extended the scope of templating beyond the intended usage. This vulnerability is fixed in 1.0.0.
Title hass-cli: Handling of user-supplied Jinja2 templates
Weaknesses CWE-1336
CWE-94
References
Metrics cvssV3_1

{'score': 5.6, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-21T19:02:03.968Z

Reserved: 2026-04-14T14:07:59.641Z

Link: CVE-2026-40602

cve-icon Vulnrichment

Updated: 2026-04-21T19:01:58.525Z

cve-icon NVD

Status : Received

Published: 2026-04-21T18:16:51.827

Modified: 2026-04-21T18:16:51.827

Link: CVE-2026-40602

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T05:45:09Z

Weaknesses