CVE-2026-40882 | OpenRemote up to 1.21.x Import Endpoint xml external entity reference (GHSA-g24f-mgc3-jwwc)

A vulnerability was found in OpenRemote up to 1.21.x. It has been declared as problematic. Impacted is an unknown function of the component Import Endpoint. Such manipulation leads to xml external entity reference.

This vulnerability is listed as CVE-2026-40882. The attack may be performed from remote. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More