CVE-2026-26272 — HomeBox is a home inventory and organization system. Prior to 0.24.0-rc.1, a stored cross-site scripting (XSS) vulnerability exists in the item attachment upload functionality. The application does no — CVE Database · The Intelligence Room