CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/06/03 10:16 a.m.•8 views

CVE-2026-41032 Phoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllers

It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...

7.5CVSS5.8AI score0.0026EPSS

CVE•added 2026/06/03 10:16 a.m.•28 views

CVE-2026-41032

The CVE-2026-41032 entry concerns Phoenix Contact CHARX SEC-3xxx charging controller firmware. Affected component: firmware on CHARX SEC-3xxx charging controllers. Vulnerability: an unauthenticated adjacent attacker can download log files from the controller, potentially exposing restricted infor...

7.5CVSS5.8AI score0.0026EPSS

RedhatCVE•added 2026/05/29 8:13 p.m.•10 views

CVE-2026-9398

A security vulnerability has been detected in Besen BS20 EV Charging Station up to 20260426. This affects an unknown part of the component BLE/WiFi. Such manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. Attacks of this...

3.1CVSS5.2AI score0.00345EPSS

RedhatCVE•added 2026/05/29 8:13 p.m.•13 views

CVE-2026-9039

A configuration weakness in the device’s remote management service allows an authenticated session to be established over a communication channel intended solely for vehicle-charger signaling. The service is accessible on interfaces exposed through the charging connector, and it accepts a default...

RedhatCVE•added 2026/05/29 8:13 p.m.•9 views

CVE-2026-9038

A stack-based buffer overflow vulnerability in the charging controller’s signal-processing logic allows an attacker with physical access to the charging interface to supply message fields that exceed expected bounds. Because the input is not sufficiently validated, memory corruption may occur,...

NVD•added 2026/05/28 8:16 p.m.•12 views

CVE-2026-9039

8.6CVSS0.00169EPSS

ATTACKERKB•added 2026/05/28 7:7 p.m.•10 views

CVE-2026-9039

Vulnrichment•added 2026/05/28 7:7 p.m.•10 views

CVE-2026-9039 Initialization of a resource with an insecure default in XCharge C6

EUVD•added 2026/05/28 7:7 p.m.•9 views

EUVD-2026-33004

CVE•added 2026/05/28 7:7 p.m.•19 views

CVE-2026-9039

CVE-2026-9039 affects the XCharge C6 via a configuration weakness in the device’s remote management service. An authenticated session can be established over a channel intended only for vehicle-charger signaling. The service is exposed on interfaces at the charging connector and accepts a default...

Cvelist•added 2026/05/28 7:5 p.m.•24 views

CVE-2026-9038 Stack-based buffer overflow in XCharge C6

8.6CVSS0.00209EPSS

CVE•added 2026/05/28 7:5 p.m.•29 views

CVE-2026-9038

CVE-2026-9038 describes a stack-based buffer overflow in the charging controller’s signal-processing logic (XCharge C6). The vulnerability allows a physically proximate attacker to send oversized message fields, leading to memory corruption and potential execution of unauthorized code with elevat...

Vulnrichment•added 2026/05/28 7:5 p.m.•8 views

CVE-2026-9038 Stack-based buffer overflow in XCharge C6

EUVD•added 2026/05/28 7:5 p.m.•15 views

EUVD-2026-33003

ATTACKERKB•added 2026/05/28 7:5 p.m.•7 views

CVE-2026-9038

ATTACKERKB•added 2026/05/28 7:4 p.m.•9 views

CVE-2026-9037

A firmware update mechanism in the affected charging controller fails to validate the authenticity of firmware packages delivered through the device's management interface. Because cryptographic signatures are not verified, an attacker with the ability to interfere with or impersonate the...

9.3CVSS6AI score0.00224EPSS

Positive Technologies•added 2026/05/28 12:0 a.m.•10 views

PT-2026-44500

Positive Technologies•added 2026/05/28 12:0 a.m.•15 views

PT-2026-44499