ha-mcp@6.7.0 vulnerabilities

Home Assistant MCP Server - Complete control of Home Assistant through MCP

  • latest version

    7.1.0

  • latest non vulnerable version

  • first published

    4 months ago

  • latest version published

    7 hours ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the ha-mcp package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability / Vulnerable Version
    • High severity
    Cross-site Scripting (XSS)

    ha-mcp is a Home Assistant MCP Server - Complete control of Home Assistant through MCP

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the OAuth consent form rendering process. An attacker can execute arbitrary JavaScript in the server operator's browser by registering a client with a crafted client_name and convincing the operator to follow a malicious authorization URL. This is only exploitable if the application is running in OAuth mode (ha-mcp-oauth) with MCP_BASE_URL configured, and the server operator is persuaded to visit a crafted authorization link for an unrecognized application.

    How to fix Cross-site Scripting (XSS)?

    Upgrade ha-mcp to version 7.0.0 or higher.

    Vulnerable versions: [,7.0.0)
    • Medium severity
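The defect described above is an output-encoding failure: a registrant-controlled client_name is placed into the consent page without HTML escaping. The following is an added illustration, not ha-mcp's own template or code; the template text, placeholder names and function names are assumptions made for the example. It renders the same constructed consent fragment twice, once with verbatim interpolation (the unsafe pattern) and once with every untrusted value escaped for both text and attribute contexts, and a helper checks whether the raw markup survives into the page.

```python
import html

# Constructed, minimal consent-page template (assumption, not ha-mcp's template).
# Untrusted values appear in an HTML text context and in an attribute value.
CONSENT_TEMPLATE = (
    "<h1>Authorize {client_name}</h1>\n"
    "<p>This application wants access to Home Assistant at {ha_url}.</p>\n"
    '<form method="post">'
    '<input type="hidden" name="client_name" value="{client_name}">'
    "<button>Allow</button></form>"
)


def render_consent_unsafe(client_name: str, ha_url: str) -> str:
    """Interpolates registrant-controlled values verbatim.

    Any markup inside client_name becomes part of the page the operator views.
    """
    return CONSENT_TEMPLATE.format(client_name=client_name, ha_url=ha_url)


def render_consent_safe(client_name: str, ha_url: str) -> str:
    """Escapes every untrusted value before interpolation.

    quote=True also escapes '"' and "'", which matters for the attribute value
    in the hidden input; the text context is covered by the &lt; &gt; &amp; escapes.
    """
    return CONSENT_TEMPLATE.format(
        client_name=html.escape(client_name, quote=True),
        ha_url=html.escape(ha_url, quote=True),
    )


def contains_raw_markup(rendered: str, untrusted: str) -> bool:
    """Does the untrusted string reach the page unchanged? True means unescaped."""
    return untrusted in rendered


if __name__ == "__main__":
    # Constructed registration payload used only to show the difference.
    hostile_name = '<script>alert("consent")</script>'
    ha = "http://homeassistant.local:8123"
    print("unsafe :", contains_raw_markup(render_consent_unsafe(hostile_name, ha), hostile_name))
    print("escaped:", contains_raw_markup(render_consent_safe(hostile_name, ha), hostile_name))
```

If the real page is produced by a template engine, the equivalent fix is to keep autoescaping enabled for that template and never mark registrant-supplied strings as safe.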
    Server-side Request Forgery (SSRF)

    ha-mcp is a Home Assistant MCP Server - Complete control of Home Assistant through MCP

    Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the ha_url parameter in the OAuth consent form and forged tokens in REST and WebSocket tool calls. An attacker can enumerate internal network hosts and open ports by submitting crafted URLs and analyzing distinct error messages returned by the server. This is only exploitable if the OAuth 2.1 DCR mode is enabled and the beta OAuth consent feature is used.

    How to fix Server-side Request Forgery (SSRF)?

    Upgrade ha-mcp to version 7.0.0 or higher.

    Vulnerable versions: [,7.0.0)
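Two things make the SSRF above useful to an attacker: the server connects to whatever ha_url it is handed, and it reports a different error for each failure. The following is an added example, not ha-mcp's fix; the allowlist design, the `connect` callback and all function names are assumptions. Because Home Assistant normally lives on a private network, the example does not reject private addresses; instead it accepts only an origin the operator has configured in advance, and it returns one identical message for every failure so that refused, timed-out and disallowed targets are indistinguishable from the client's side.

```python
from urllib.parse import urlparse

# One message for every failure mode: an allowlist miss, a refused connection
# and a timeout all look the same, so the form cannot be used as a port scanner.
GENERIC_ERROR = "The supplied Home Assistant URL is not allowed."


def normalize_origin(url: str):
    """Return (scheme, host, port) for a plain http(s) URL, or None if unparseable."""
    try:
        parsed = urlparse(url)
        scheme = parsed.scheme.lower()
        host = parsed.hostname
        port = parsed.port  # raises ValueError for an out-of-range port
    except ValueError:
        return None
    if scheme not in ("http", "https") or not host:
        return None
    if port is None:
        port = 443 if scheme == "https" else 80
    return (scheme, host.lower(), port)


def validate_ha_url(url: str, allowed_origins: set[str]) -> tuple[bool, str]:
    """Allowlist check: the URL's origin must match an operator-configured one.

    Path and query are ignored; scheme, host and port must match exactly.
    """
    allowed = {normalize_origin(o) for o in allowed_origins}
    allowed.discard(None)
    origin = normalize_origin(url)
    if origin is None or origin not in allowed:
        return False, GENERIC_ERROR
    return True, ""


def handle_consent_ha_url(url: str, allowed_origins: set[str], connect) -> dict:
    """Validate, then try `connect(origin)` (injected so the example runs offline).

    Whatever goes wrong, the caller receives the same generic message.
    """
    ok, msg = validate_ha_url(url, allowed_origins)
    if not ok:
        return {"ok": False, "error": msg}
    try:
        connect(normalize_origin(url))
    except OSError:  # covers ConnectionRefusedError, TimeoutError, socket errors
        return {"ok": False, "error": GENERIC_ERROR}
    return {"ok": True, "error": ""}


if __name__ == "__main__":
    # Constructed operator configuration: the one Home Assistant this server may talk to.
    allowed = {"http://homeassistant.local:8123"}
    for candidate in ("http://homeassistant.local:8123/", "http://10.0.0.5:22", "file:///etc/hosts"):
        print(candidate, "->", validate_ha_url(candidate, allowed))
```

Log the real failure reason server-side for the operator; only the response to the client needs to be uniform.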