Critical severityNVD Advisory· Published Jan 22, 2026· Updated Apr 15, 2026
CVE-2026-1201
CVE-2026-1201
Description
An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.