CVE-2026-54640
HIGH SEVERITYCVSS Score & Metrics
Base Score
7.6 / 10
Vulnerability Description
OpenRemote has an incomplete fix for CVE-2026-40882: XXE in KNXProtocol.startAssetImport() allows arbitrary file read via unprotected XMLInputFactory
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
maven
Product
io.openremote:openremote-agent
Discussion (0)
Add Comment
No comments yet. Be the first!