FreeBSD: VID-587ed8ac-5957-11ef-854a-001e676bf734: OpenHAB CometVisu addon -- Multiple vulnerabilities

Severity: 10
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: Aug 9, 2024
Added: Aug 13, 2024
Modified: Dec 10, 2025

Description

OpenHAB reports:

This patch release addresses the following security advisories:

- SSRF/XSS (CometVisu) - GHSA-v7gr-mqpj-wwh3
- Sensitive information disclosure (CometVisu) - GHSA-3g4c-hjhr-73rj
- RCE through path traversal (CometVisu) - GHSA-f729-58x4-gqgf
- Path traversal (CometVisu) - GHSA-pcwp-26pw-j98w

All of these are related to the CometVisu add-on for openHAB - if you are a user of CometVisu, we strongly recommend to upgrade your system to openHAB 4.2.1 in order to fix those vulnerabilities.

Solution

freebsd-upgrade-package-openhab-addons
