Lucene search
K

29 matches found

NVD
NVD
added 2026/02/27 12:16 a.m.9 views

CVE-2026-20895

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

7.5CVSS0.00356EPSS
Exploits0References3
CVE
CVE
added 2026/02/27 12:2 a.m.11 views

CVE-2026-25778

CVE-2026-25778 concerns the WebSocket backend used to manage charging-station sessions. The system ties sessions to charging-station identifiers but allows multiple endpoints to connect with the same session identifier, yielding predictable session IDs. This can enable session hijacking or shadow...

7.5CVSS5.5AI score0.00313EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/27 12:2 a.m.2 views

CVE-2026-25778

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

7.5CVSS5.8AI score0.00313EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.8 views

PT-2026-22241

Name of the Vulnerable Software and Affected Versions WebSocket backend affected versions not specified Description The backend utilizes charging station identifiers to uniquely associate sessions but permits multiple endpoints to connect using the same session identifier. This results in...

7.5CVSS5.9AI score0.00313EPSS
Exploits0References8
CVE
CVE
added 2026/02/26 11:48 p.m.8 views

CVE-2026-20895

The CVE-2026-20895 entry describes a vulnerability in the WebSocket backend used by EV2GO ev2go.io where session identifiers are used to bind sessions to charging stations but can be reused across multiple endpoints. This leads to predictable session identifiers and enables session hijacking or s...

7.5CVSS5.5AI score0.00356EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/26 11:48 p.m.18 views

CVE-2026-20895 EV2GO ev2go.io Insufficient Session Expiration

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

7.3CVSS0.00356EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/26 11:8 p.m.3 views

CVE-2026-25711

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

7.5CVSS5.8AI score0.00324EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/26 11:8 p.m.25 views

CVE-2026-25711 Chargemap chargemap.com Insufficient Session Expiration

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

7.3CVSS0.00324EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.4 views

PT-2026-22238

Name of the Vulnerable Software and Affected Versions WebSocket backend affected versions not specified Description The backend utilizes charging station identifiers to uniquely associate sessions but permits multiple endpoints to connect using the same session identifier. This results in...

7.5CVSS5.9AI score0.00356EPSS
Exploits0References7
Rows per page
Query Builder