CVE-2026-4157

ChargePoint Home Flex revssh Service Command Injection (CVE-2026-4157) allows network-adjacent attackers to execute arbitrary code as root due to improper validation of a user-supplied string before invoking a system call in OCPP message handling. Authentication is not required. The issue is docu...

CVE-2026-4156

Summary: CVE-2026-4156 affects ChargePoint Home Flex. The flaw is a stack-based buffer overflow in the OCPP getpreq handling, caused by improper validation of user-supplied data length copied into a fixed-length buffer. This leads to remote code execution in the context of root for network-adjace...

ChargePoint Home Flex 操作系统命令注入漏洞

The ChargePoint Home Flex is a series of electric vehicle charging devices developed by the US company ChargePoint. The ChargePoint Home Flex has a vulnerability related to operating system command injection. This vulnerability stems from insufficient validation during the processing of OCPP...

CVE-2026-26074 EVerest: OCPP201 startup event_queue lock mismatch leads to std::map/std::queue data race

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...

CVE-2026-26073 EVerest: OCPP 1.6 heap corruption caused by lock-free insertion in event_queue

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::queue/std::deque corruption. The trigger is powermeter public key update and EV session/error events while OCPP not started. This results in a TSAN data race report and an ASAN/UBSAN...

CVE-2026-26008 EVerest has OOB via EVSE ID Indexing Mismatch in OCPP 2.0.1 UpdateAllowedEnergyTransferModes

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access std::vector that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch...

PT-2026-28351

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0 Description EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race condition that can lead to potential corruption of std::queue and std::deque. The issue is triggered by a...

CVE-2026-29796 IGL-Technologies eParking.fi Missing Authentication for Critical Function

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then...

CVE-2026-27772

CVE-2026-27772 concerns WebSocket endpoints used by OCPP in EV Energy ev.energy deployments. The authenticated requirement is missing: an unauthenticated attacker can connect to the OCPP WebSocket endpoint with a known or discovered charging-station identifier and issue or receive OCPP commands a...

CVE-2026-20781

CVE-2026-20781 concerns WebSocket endpoints used for Open Charge Point Protocol (OCPP) communications that lack proper authentication. The Red Hat, NVD, CVE listings describe an unauthenticated attacker who can connect to the OCPP WebSocket endpoint using a known or discovered charging-station id...

CVE-2026-22539 INFORMATION DISCLOSURE VIA CURL REQUESTS (OCPP)

As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the charger via OCPP v1.6...

CVE-2026-22539

CVE-2026-22539 describes an information disclosure in OCPP v1.6 where service interactions occur without authentication, allowing an attacker with protocol knowledge to obtain charger information. Red Hat, NVD, CVE List and other sources corroborate that the issue affects Efacec QC charging posts...

Efacec QC 安全漏洞

Efacec QC is a series of electric vehicle charging posts from Efacec Portugal. A security vulnerability exists in the Efacec QC 60/90/120 that stems from a service interaction without authentication, which could lead to an attacker obtaining charger information via the OCPP v1.6 protocol...

The vulnerability of the OCPP microprogramming software for modular control devices for DC charging stations and wall-mounted charging devices from Phoenix Contact CHARX SEC-3100 allows a intruder to execute arbitrary commands.

The vulnerability of the OCPP microprogramming software for modular control devices for DC charging stations and wall-mounted charging devices from Phoenix Contact’s CHARX SEC-3100 exists due to insufficient verification of input data. Exploiting this vulnerability could allow a malicious actor t...

ocpp-jaxb security vulnerability

ocpp-jaxb is the Java mapping for OCPP. A security vulnerability exists in SteVe Community ocpp-jaxb versions prior to 0.0.8 that stems from an invalid timestamp being generated under certain circumstances, leading to SQL exceptions in the application and potentially compromising the integrity of...

PT-2023-31424 · Dalmann · Ocpp.Core

Name of the Vulnerable Software and Affected Versions: Dalmann OCPP.Core versions 1.2.0 and earlier Description: An issue was discovered in Dalmann OCPP.Core for OCPP Open Charge Point Protocol for electric vehicles. The server processes mishandle StartTransaction messages containing additional,...