1856 matches found
CVE-2026-26305 Mobility46 mobility46.se Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-26305
CVE-2026-26305 concerns a WebSocket API that does not enforce a limit on authentication requests. Multiple sources (NVD, Red Hat, ENISA EUVD, CVE listing, vuln enrichment) describe the root cause as missing rate limiting, enabling potential denial-of-service by suppressing or misrouting charger t...
CVE-2026-26305
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-25945
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-25114
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-20792
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or misrouting legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-25113
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-24445 EV Energy ev.energy Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-24445 EV Energy ev.energy Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
PT-2026-22265
Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not limit the number of authentication requests. This lack of rate limiting could enable an attacker t...
RHEL 9 : opentelemetry-collector (RHSA-2026:3287)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:3287 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: crypto/x509: golang: Denial of Service due to excessive...
CVE-2026-25113 SWITCH EV swtchenergy.com Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-25945 EV2GO ev2go.io Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-25945 EV2GO ev2go.io Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-25114
CVE-2026-25114 affects the CloudCharge WebSocket API, described across multiple sources. The core issue is no rate limiting on authentication requests, enabling potential denial-of-service by suppressing/misrouting charger telemetry and brute-force attempts to gain access. Affected software versi...
CVE-2026-25114 CloudCharge cloudcharge.se Improper Restriction of Excessive Authentication Attempts
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
CVE-2026-25114
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...
MAL-2026-1049 Malicious code in flycord (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b2071af47a4b327550f5614253b291b893e0741e6f2ebe3b4378a4794696d211 When the user uses the provided library, this package silently reports basic information and the result of the user's action to a hardcoded, obfuscated URL...
PT-2026-22217
Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not restrict the number of authentication requests. This lack of rate limiting could enable an attacke...
AlmaLinux 9 : firefox (ALSA-2026:3339)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3339 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bugs...