CVE-2026-32294

Published March 17th, 2026

View on NVD ↗

CVSS v3

4.7

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 hash to pass verification.

jetkvm/kvm

JetKVM - Control any computer remotely

GitHub

4.67K