EUVD-2026-16793

Q: Is Docker affected by EUVD-2026-16793?

CVE-2026-34205 affects Home Assistant deployments on Linux where Docker host network mode exposes internal services to any device on the local network without authentication, allowing unauthorized access to sensitive home automation infrastructure.

| CVE-2026-34205 CRITICAL

2026-03-27 [email protected]

9.6

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

PoC Detected

Mar 30, 2026 - 13:26 vuln.today

Public exploit code

Analysis Generated

Mar 27, 2026 - 20:22 vuln.today

EUVD ID Assigned

Mar 27, 2026 - 20:22 euvd

EUVD-2026-16793

CVE Published

Mar 27, 2026 - 20:16 nvd

CRITICAL 9.6

Description

Home Assistant is open source home automation software that puts local control and privacy first. Home Assistant apps (formerly add-ons) configured with host network mode expose unauthenticated endpoints bound to the internal Docker bridge interface to the local network. On Linux, this configuration does not restrict access to the app as intended, allowing any device on the same network to reach these endpoints without authentication. Home Assistant Supervisor 2026.03.02 addresses the issue.

Analysis

Unauthenticated network access to Home Assistant apps bypasses intended Docker isolation on Linux systems, exposing internal services to any device on the local network. Apps configured with host network mode inadvertently bind internal Docker bridge endpoints to the broader LAN without authentication controls, enabling unauthorized access with high confidentiality, integrity, and availability impact (CVSS 9.6). …

Remediation

Within 24 hours: Identify all Home Assistant Supervisor instances running versions prior to 2026.03.02 and assess network architecture (verify if host network mode is enabled). Within 7 days: Apply vendor-released patch to Home Assistant Supervisor 2026.03.02 or later on all affected systems; if patching is not immediately feasible, implement Layer 2/3 network segmentation to isolate Home Assistant instances from general-purpose LAN. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +48

POC: +20

EUVD-2026-16793 vulnerability details – vuln.today

Back

EUVD-2026-16793

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-16793

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code