CVE-2026-54479
The CVE concerns a WebSocket backend where charging station identifiers are used to bind sessions but multiple endpoints can connect with the same session identifier, producing predictable session IDs. This can allow unauthorized users to authenticate as other users or enable a DoS by flooding th...