CVE-2026-36959

U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication attempts, enabling brute-force attacks against the administrator account and potential unauthoriz...

CVE-2026-31904

CVE-2026-31904 concerns the WebSocket API used by CTEK Chargeportal. The issue arises from a lack of rate limiting on authentication requests within the WebSocket interface, which could allow an attacker to perform denial-of-service attacks that suppress or mis-route charger telemetry, or execute...

CVE-2026-20882

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2026-20882 Mobiliti e-mobi.hu Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2026-27778 ePower epower.ie Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2026-27778 ePower epower.ie Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2026-25945

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2026-26305

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2026-24445

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

SWITCH EV 安全漏洞

SWITCH EV is a electric vehicle charging facility management platform developed by the US company SWITCH. SWITCH EV has a security vulnerability, which stems from the lack of a limit on the number of authentication requests in the WebSocket application programming interface. This vulnerability...

CVE-2026-20792

The CVE-2026-20792 entry concerns the WebSocket API used for charger telemetry (Chargemap chargemap.com) and is triggered by insufficient rate limiting on authentication requests. The root cause is the lack of restrictions on the number of authentication attempts, which can allow denial-of-servic...

CVE-2026-20792 Chargemap chargemap.com Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or misrouting legitimate charger telemetry, or conduct brute-force attacks to gain...

CVE-2025-53968

This vulnerability arises because there are no limitations on the number of authentication attempts a user can make. An attacker can exploit this weakness by continuously sending authentication requests, leading to a denial-of-service DoS condition. This can overwhelm the authentication system,...

EUVD-2003-0683

Malware in sbrugna...

EUVD-2013-0933

Malware in sbrugna...

EUVD-2008-7072

Malware in sbrugna...

EUVD-2019-13381

Malware in sbrugna...

EUVD-2016-4098

Malware in sbrugna...

SICK AG Baggage Analytics 安全漏洞

SICK AG Baggage Analytics is a visualization and analysis software for airport tracking systems from SICK AG, Germany. A security vulnerability exists in SICK AG Baggage Analytics that stems from the possibility of brute-force breaking of folders and files, which could lead to the disclosure of...

SonicWall Releases Advisory for Customers after Security Incident

SonicWall released a security advisory to assist their customers with protecting systems impacted by the MySonicWall cloud backup file incident. SonicWall’s investigation found that a malicious actor performed a series of brute force techniques against their MySonicWall.com web portal to gain...