Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/03/27 5:9 p.m.1 views

CVE-2026-26071

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::string concurrent access. with heap-use-after-free possible. This is triggered by EVCCID update EV/ISO15118 and OCPP session/authorization events. Version 2026.02.0 contains a patch...

4.2CVSS5.9AI score0.00006EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-19199

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00092EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/08/12 2:54 p.m.14 views

CVE-2024-21550

SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central server for management of registered charge points. Attackers can inject arbitrary HTML and Javascript code via WebSockets leading to persistent Cross-Site...

6.1CVSS6.2AI score0.00092EPSS
Exploits0References4
CVE
CVEadded 2024/08/12 2:54 p.m.42 views

CVE-2024-21550

The CVE-2024-21550 entry concerns SteVe, an open platform implementing OCPP for EV charging points. Affected component: SteVe management interface accessed over WebSockets. Root cause: attackers can inject arbitrary HTML/JavaScript via WebSockets, resulting in persistent Cross‑Site Scripting. Imp...

6.1CVSS6.1AI score0.00092EPSS
Exploits0References4Affected Software1
Zero Day Initiative
Zero Day Initiativeadded 2024/06/21 12:0 a.m.17 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Missing Encryption Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the OCPP protocol. The issue...

6.3CVSS7AI score0.0008EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/06/21 12:0 a.m.19 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Improper Log Output Neutralization Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to injection malicious content into log files on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of logging. The...

3.1CVSS7.2AI score0.00145EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/06/21 12:0 a.m.13 views

(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol UpdateFirmware Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the location parameter of the...

7.5CVSS7.2AI score0.00508EPSS
Exploits0References1
Rows per page
Query Builder