CVE-2026-20748

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

Mobiliti 代码问题漏洞

Mobiliti is an electric vehicle charging station system developed by the Hungarian company Mobiliti. Mobiliti has a code vulnerability that arises from using charging station identifiers to associate sessions, but allowing multiple endpoints to use the same session identifier for connection. This...

PT-2026-23711

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

PT-2026-23581

Name of the Vulnerable Software and Affected Versions Versions affected versions not specified Description The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This results in predictable...

EUVD-2026-8960

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...

CloudCharge 代码问题漏洞

CloudCharge is a website for electric vehicle charging management developed by the Swedish company CloudCharge. CloudCharge has code-related vulnerabilities; these vulnerabilities stem from the WebSocket backend, which uses charging station identifiers to associate sessions. However, multiple...

PT-2026-22264

Name of the Vulnerable Software and Affected Versions Charging station software affected versions not specified Description The WebSocket backend associates sessions using charging station identifiers, but allows multiple endpoints to connect with the same session identifier. This results in...

CVE-2026-25711

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent...