Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/02/28 1:55 a.m.5 views

CVE-2026-28230

SteVe is an open-source EV charging station management system. In versions up to and including 3.11.0, when a charger sends a StopTransaction message, SteVe looks up the transaction solely by transactionId a sequential integer starting from 1 without verifying that the requesting charger matches...

7.1CVSS5.9AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2026/02/26 10:49 p.m.6 views

CVE-2026-28230 In SteVe, any authenticated charger can terminate any other charger's active transaction (missing ownership verification on StopTransaction)

SteVe is an open-source EV charging station management system. In versions up to and including 3.11.0, when a charger sends a StopTransaction message, SteVe looks up the transaction solely by transactionId a sequential integer starting from 1 without verifying that the requesting charger matches...

7.1CVSS5.8AI score0.0016EPSS
Exploits0References4
CVE
CVE
added 2026/02/26 10:49 p.m.12 views

CVE-2026-28230

SteVe (open-source EV charging station management) versions up to 3.11.0 are vulnerable to a StopTransaction impact where a charger can terminate another charger’s active session. Root cause: OcppServerRepositoryImpl.getTransaction() queries only by transactionId and does not verify chargeBoxId o...

7.1CVSS5.4AI score0.0016EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/05/20 10:15 a.m.2 views

DEBIAN-CVE-2024-35956

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations Create subvolume, create snapshot and delete subvolume all use btrfssubvolumereservemetadata to reserve metadata for the changes done to the parent subvolume's f...

5.5CVSS5.7AI score0.00227EPSS
Exploits0References1
Rows per page
Query Builder