CVE-2026-44698: Home Assistant Companion App Token Theft Vulnerability
Home Assistant Companion apps for iOS and Android contain a vulnerability that allows malicious websites viewed in the app to steal a user's access token and run code as if they were logged into Home Assistant. The flaw stems from improper protection of a JavaScript bridge that connects web content to native app functionality. An attacker can craft a webpage with hidden content that tricks the bridge into executing arbitrary commands with the victim's credentials, effectively compromising their Home Assistant account.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 8.3 HIGH · CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
- Weaknesses (CWE)
- CWE-346, CWE-749, CWE-94, CWE-940
- Affected products
- 0 configuration(s)
- Published / Modified
- 2026-05-29 / 2026-06-17
NVD description (verbatim)
Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and 2026.4.4 for Android, he Home Assistant Companion apps for Android and iOS expose a JavaScript bridge to the in-app WebView window.externalApp on Android and webkit.messageHandlers.getExternalAuth (alongside revokeExternalAuth and externalBus) on iOS. Two flaws expose the bridge to all frames (including cross-origin iframes) and unsanitized interpolation of the JavaScript callback identifier allows a cross-origin iframe rendered inside the Companion app to execute arbitrary JavaScript in the Home Assistant frontend's main-frame origin and exfiltrate the signed-in user's access token. This vulnerability is fixed in 2026.4.1 for iOS and 2026.4.4 for Android.
1 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
The vulnerability exploits two configuration weaknesses in the Home Assistant Companion mobile apps. First, the JavaScript bridge methods (window.externalApp on Android and webkit.messageHandlers functions including getExternalAuth, revokeExternalAuth, and externalBus on iOS) are exposed to all frames in the WebView, including cross-origin iframes, without proper origin validation. Second, callback identifiers passed to these bridge methods are not sanitized before interpolation into JavaScript execution contexts. An attacker can embed a malicious cross-origin iframe within a webpage loaded by the Companion app's built-in browser. When this iframe invokes the exposed bridge methods with specially crafted callback parameters, it bypasses same-origin policy enforcement and executes arbitrary JavaScript in the context of the Home Assistant frontend's main frame, gaining access to the authentication token stored in that origin.
Business impact
Compromise of a user's Home Assistant access token enables full account takeover, allowing attackers to query, control, and reconfigure all smart home automations and devices managed by that instance. Depending on Home Assistant deployment scope, this could include lighting, locks, thermostats, security cameras, and other IoT devices in residential or small commercial environments. Attackers could also pivot to cloud-connected services if Home Assistant integrations with external platforms (weather APIs, voice assistants, etc.) are configured. For organizations deploying Home Assistant in multi-user or shared environments, credential theft poses data privacy and facility control risks.
Affected systems
Home Assistant Companion app versions prior to 2026.4.1 on iOS and prior to 2026.4.4 on Android are vulnerable. The attack requires that a user visit an attacker-controlled website (or be redirected to one through compromised advertising or phishing) within the app's built-in browser or WebView component. Users of Home Assistant web interface on standard web browsers are not directly affected unless they access the Home Assistant frontend through a vulnerable Companion app.
Exploitability
The vulnerability requires user interaction—specifically, a victim must visit a malicious webpage while using the Companion app—making the attack vector network-based but contingent on social engineering or compromise of legitimate web content. The attack does not require authentication or special privileges. Once a user clicks a link or loads a page in the app, the malicious iframe operates transparently. The complexity is moderate due to the need to craft a proper iframe payload that triggers the bridge and exfiltrates the token, but automation tooling can lower the barrier for attackers. Public disclosure and technical details will likely enable widespread exploitation once patches are widely deployed.
Remediation
iOS users should upgrade to Home Assistant Companion app version 2026.4.1 or later. Android users should upgrade to version 2026.4.4 or later. Both patches validate the origin of frames invoking the JavaScript bridge and sanitize callback identifiers to prevent code injection. Users should prioritize this update as soon as it is available in their respective app store. If a user suspects their Home Assistant token has been compromised (unusual automations triggering, unexpected device state changes, or suspicious login attempts), they should immediately rotate their authentication credentials in Home Assistant settings and review connected integrations.
Patch guidance
Update the Home Assistant Companion app for iOS to 2026.4.1 or later and for Android to 2026.4.4 or later via the iOS App Store or Google Play Store respectively. Verify the update installation by checking the app version in Settings > About. No configuration changes are required post-update. Organizations that manage Home Assistant instances used by multiple team members should communicate the update requirement and verify deployment across all user devices. Consider enabling Home Assistant's optional authentication logs if available to audit any suspicious token usage during the patching window.
Detection guidance
Monitor Home Assistant access logs and authentication events for anomalous token usage, including login attempts from unexpected IP addresses or user agents during or shortly after the vulnerability window. Check for unusual automation triggers, entity state changes, or service calls that the compromised user did not initiate. Organizations running Home Assistant can implement network segmentation to limit Companion app traffic to trusted endpoints and monitor for unexpected outbound connections that might indicate token exfiltration. If Home Assistant is behind a proxy or reverse proxy, inspect HTTP headers for cross-origin request patterns that might indicate exploitation attempts.
Why prioritize this
This vulnerability warrants prompt remediation because it enables full account compromise with moderate exploitation barriers (social engineering to visit a malicious page) and no requirement for authentication or special privileges. The exposed JavaScript bridge directly handles authentication tokens, making it a high-value target. The CVSS 8.3 score reflects the high confidentiality, integrity, and cross-site impact. Although KEV has not been assigned, the technical simplicity of the underlying flaw and the widespread use of Companion apps in consumer and small-business deployments make exploitation likely following public disclosure.
Risk score, explained
The CVSS 3.1 score of 8.3 (HIGH) is assigned due to: (1) Network attack vector—exploitation occurs over the internet; (2) High user interaction requirement—a user must visit a malicious page; (3) High confidentiality impact—the user's access token is directly exfiltrated; (4) High integrity impact—arbitrary code execution allows modification of Home Assistant state and automations; (5) High availability impact—an attacker can disrupt or disable automations; (6) Changed scope—the vulnerability allows a cross-origin iframe to break out of its sandbox and affect the main Home Assistant frontend context. The overall severity is tempered slightly by the user interaction requirement but remains HIGH due to the severity of credential compromise.
Frequently asked questions
Can an attacker exploit this vulnerability if I only use Home Assistant on a web browser, not the mobile app?
No, the vulnerability is specific to the Home Assistant Companion apps for iOS and Android. Web browser access to Home Assistant frontend is not affected. However, if you use both, ensure the Companion app is updated.
What should I do if I suspect my Home Assistant account was compromised before I learned about this vulnerability?
Immediately change your Home Assistant password or authentication token in the user settings, review all connected integrations and automations for unauthorized changes, revoke active sessions, and monitor future access logs for suspicious activity. If you integrated Home Assistant with external services (e.g., voice assistants, automation platforms), review those integrations for unauthorized access.
Does enabling two-factor authentication in Home Assistant protect against token theft?
Two-factor authentication protects against password-based login attacks but not token theft. Once an attacker obtains a valid access token through this vulnerability, they bypass authentication steps. Rotate or revoke tokens after updating the app and verify no suspicious automations are active.
Is there a workaround if I cannot update the Companion app immediately?
The safest workaround is to avoid visiting untrusted websites or clicking suspicious links within the Companion app's browser until you can update. If possible, disable the app's built-in browser or use only trusted internal Home Assistant interfaces. However, updates should be prioritized.
This analysis is provided for informational purposes and reflects the vulnerability details available as of the publication date. Patch version numbers and affected versions are derived from the official vendor advisory and should be verified directly with Home Assistant release notes. Organizations should conduct their own risk assessment based on their deployment scope and user base. No exploit code is provided; this advisory is intended to inform defensive posture and patching decisions. Security teams should coordinate update deployment with change management processes. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-45353HIGHElecterm Terminal Client Local Privilege Escalation Vulnerability
- CVE-2026-10904HIGHChrome V8 Sandbox Escape Remote Code Execution
- CVE-2026-10928HIGHScript Injection in Google Chrome Headless – CVSS 8.8 High Severity
- CVE-2026-1829HIGHContent Visibility for Divi Builder Plugin RCE (v4.02 and below)
- CVE-2026-41249HIGHCoreShop GitHub Actions RCE via Malicious Pull Request
- CVE-2026-42588HIGHApache ActiveMQ Remote Code Execution via Jolokia Code Injection
- CVE-2026-44798HIGHNautobot GitRepository Privilege Escalation – Unauthorized State Manipulation
- CVE-2026-45505HIGHApache ActiveMQ Code Injection Vulnerability—Exploit & Patch Guidance