CVE-2026-28230
SteVe (open-source EV charging station management) versions up to 3.11.0 are vulnerable to a StopTransaction impact where a charger can terminate another charger’s active session. Root cause: OcppServerRepositoryImpl.getTransaction() queries only by transactionId and does not verify chargeBoxId o...