FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

homebox -- multiple vulnerabilities

Affected packages
		homebox	<	0.24.0

Details

VuXML ID	db3bdcc6-377f-47d9-9ce8-4bdede4fdafe
Discovery	2026-03-01
Entry	2026-03-17

Homebox reports:

[HIGH] CVE-2026-27981: Auth Rate Limit Bypass via IP Spoofing
[MODERATE] CVE-2026-27600: Blind SSRF
[MODERATE] CVE-2026-26272: Stored XSS via HTML/SVG Attachment Upload

References

CVE Name	CVE-2026-26272
CVE Name	CVE-2026-27600
CVE Name	CVE-2026-27981

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.