Vulnerabilities > Nanoleaf > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-27 | CVE-2022-47758 | Improper Certificate Validation vulnerability in Nanoleaf Firmware 7.1.1 Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack. | 9.8 |
| 2023-04-18 | CVE-2022-46640 | Command Injection vulnerability in Nanoleaf Desktop Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request. | 9.8 |