Security Advisory

CVE-2026-32294

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-17 17:19:22

Last updated 2026-03-17 18:12:13

Assigner cisa-cg

State PUBLISHED

Description

JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 hash to pass verification.

← Browse all CVEs View on cve.org ↗