CVE-2026-22878

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-22890

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

EUVD-2026-8948

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-25774

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-22878

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

EUVD-2026-8928

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-22878 Mobility46 mobility46.se Insufficiently Protected Credentials

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-20733

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-25774

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-27773

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

PT-2026-22245

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-22890

Technical details are not publicly available in the provided documents. Monitor for updates from the listed sources to determine affected products, root cause, impact, and remediation.

CVE-2026-20791

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

CVE-2026-20091

A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown

Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control C2 infrastructure to make it resilient to takedown efforts. "Instead of relying on traditional servers or domains for command-and-control, Aeternum stores it...

CVE-2026-27611

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the password and still download the file. This happens because the API returns a direct download link i...

ICSSPulse: A Modular LLM-Assisted Platform for Industrial Control System Penetration Testing

It is well established that industrial control systems comprise the operational backbone of modern critical infrastructures, yet their increasing connectivity exposes them to cyber threats that are difficult to study and remedy safely under real-time operational conditions. In this paper, we...

ROS-20260224-73-0011

A vulnerability in the iTop web-based IT service management tool is related to the failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Part-DB SQL注入漏洞

Part-DB is an open-source web-based database designed for managing electronic components. Version 0.4 of Part-DB contains a SQL injection vulnerability. This vulnerability stems from SQL injection attacks on authentication parameters, which could allow unverified attackers to bypass authenticatio...

CVE-2026-25951

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. Prior to 1.2.11, there is a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences e.g., ....//, an...