{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27796", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-24T02:31:33.265Z", "datePublished": "2026-03-07T05:54:48.829Z", "dateUpdated": "2026-03-09T20:44:25.718Z"}, "containers": {"cna": {"title": "Homarr: Unauthenticated Information Disclosure (Integration Metadata Leak)", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-862", "lang": "en", "description": "CWE-862: Missing Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/homarr-labs/homarr/security/advisories/GHSA-m4vc-4prp-cvp7", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/homarr-labs/homarr/security/advisories/GHSA-m4vc-4prp-cvp7"}, {"name": "https://github.com/homarr-labs/homarr/commit/91fc5a5c747121475a50f2713d571ceb89e95257", "tags": ["x_refsource_MISC"], "url": "https://github.com/homarr-labs/homarr/commit/91fc5a5c747121475a50f2713d571ceb89e95257"}, {"name": "https://github.com/homarr-labs/homarr/releases/tag/v1.54.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/homarr-labs/homarr/releases/tag/v1.54.0"}], "affected": [{"vendor": "homarr-labs", "product": "homarr", "versions": [{"version": "< 1.54.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-07T05:54:48.829Z"}, "descriptions": [{"lang": "en", "value": "Homarr is an open-source dashboard. Prior to version 1.54.0, the integration.all tRPC endpoint in Homarr is exposed as a publicProcedure, allowing unauthenticated users to retrieve a complete list of configured integrations. This metadata includes sensitive information such as internal service URLs, integration names, and service types. This issue has been patched in version 1.54.0."}], "source": {"advisory": "GHSA-m4vc-4prp-cvp7", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27796", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T20:40:20.367771Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T20:44:25.718Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27796", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-09T20:40:20.367771Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-09T20:41:57.239Z"}}], "cna": {"title": "Homarr: Unauthenticated Information Disclosure (Integration Metadata Leak)", "source": {"advisory": "GHSA-m4vc-4prp-cvp7", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "homarr-labs", "product": "homarr", "versions": [{"status": "affected", "version": "< 1.54.0"}]}], "references": [{"url": "https://github.com/homarr-labs/homarr/security/advisories/GHSA-m4vc-4prp-cvp7", "name": "https://github.com/homarr-labs/homarr/security/advisories/GHSA-m4vc-4prp-cvp7", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/homarr-labs/homarr/commit/91fc5a5c747121475a50f2713d571ceb89e95257", "name": "https://github.com/homarr-labs/homarr/commit/91fc5a5c747121475a50f2713d571ceb89e95257", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/homarr-labs/homarr/releases/tag/v1.54.0", "name": "https://github.com/homarr-labs/homarr/releases/tag/v1.54.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Homarr is an open-source dashboard. Prior to version 1.54.0, the integration.all tRPC endpoint in Homarr is exposed as a publicProcedure, allowing unauthenticated users to retrieve a complete list of configured integrations. This metadata includes sensitive information such as internal service URLs, integration names, and service types. This issue has been patched in version 1.54.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862: Missing Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-07T05:54:48.829Z"}}}, "cveMetadata": {"cveId": "CVE-2026-27796", "state": "PUBLISHED", "dateUpdated": "2026-03-09T20:44:25.718Z", "dateReserved": "2026-02-24T02:31:33.265Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-07T05:54:48.829Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:homarr:homarr:*:*:*:*:*:*:*:*", "matchCriteriaId": "CFFCA4B2-8A81-4B17-93E9-0E177DF83401", "versionEndExcluding": "1.54.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Homarr is an open-source dashboard. Prior to version 1.54.0, the integration.all tRPC endpoint in Homarr is exposed as a publicProcedure, allowing unauthenticated users to retrieve a complete list of configured integrations. This metadata includes sensitive information such as internal service URLs, integration names, and service types. This issue has been patched in version 1.54.0."}, {"lang": "es", "value": "Homarr es un panel de control de c\u00f3digo abierto. Antes de la versi\u00f3n 1.54.0, el endpoint tRPC integration.all en Homarr est\u00e1 expuesto como un publicProcedure, permitiendo a usuarios no autenticados recuperar una lista completa de integraciones configuradas. Estos metadatos incluyen informaci\u00f3n sensible como URLs de servicios internos, nombres de integraci\u00f3n y tipos de servicio. Este problema ha sido parcheado en la versi\u00f3n 1.54.0."}], "id": "CVE-2026-27796", "lastModified": "2026-03-10T16:24:21.680", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-07T06:16:09.663", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/homarr-labs/homarr/commit/91fc5a5c747121475a50f2713d571ceb89e95257"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/homarr-labs/homarr/releases/tag/v1.54.0"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/homarr-labs/homarr/security/advisories/GHSA-m4vc-4prp-cvp7"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-862"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.54.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "homarr", "source": "cna", "vendor": "homarr-labs"}, "product": "homarr", "vendor": "homarr-labs"}], "analysis": {"en": {"generated_at": "2026-04-17T12:13:35.089518+00:00", "value": {"mitigation_remediation": ["Upgrade Homarr to version 1.54.0 or later to apply the patch that requires authentication for the integration.all endpoint.", "Deploy the Homarr instance behind a firewall or reverse proxy that restricts access to trusted networks or requires authentication before reaching the application.", "Configure network ACLs to allow inbound traffic only from known internal services or IP ranges, ensuring that unauthenticated external requests cannot reach the Homarr API."], "summary": {"action": "Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "Homarr dashboards running any version prior to 1.54.0, in particular releases up to 1.53.x, are affected. The vendor product homarr\u2011labs:homarr is the only affected system identified in this advisory.", "description_and_impact": "This vulnerability arises from the homarr\u2011labs homarr integration.all tRPC endpoint being exposed as a publicProcedure before version 1.54.0. Unauthenticated users can call this endpoint and obtain a comprehensive list of configured integrations, which includes internal service URLs, integration names, and service types. The exposure represents a confidentiality breach in line with CWE\u2011200 and a missing authorization failure consistent with CWE\u2011862, potentially allowing attackers to discover sensitive infrastructure details.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity. EPSS indicates a probability of exploitation less than 1%, and the vulnerability is not yet listed in CISA's KEV catalog, implying low current exploitation likelihood. The likely attack vector is a remote HTTP request to the Homarr instance, which does not require authentication to reach the vulnerable endpoint. Once accessed, the attacker can gather internal URLs and service metadata, potentially facilitating further attacks."}}}}, "created": "2026-03-09T10:05:45.247695+00:00", "updated": "2026-04-17T12:15:18.174897+00:00", "vendors": ["homarr-labs", "homarr-labs$PRODUCT$homarr"]}