CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

130 matches found

Vulnrichment•added 2026/03/06 3:5 p.m.•4 views

CVE-2026-20882 Mobiliti e-mobi.hu Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS5.8AI score0.00437EPSS

Exploits0References3

CVE•added 2026/03/06 3:5 p.m.•13 views

CVE-2026-20882

CVE-2026-20882 affects the Mobiliti/e-mobi.hu implementation. The issue is the WebSocket API’s lack of rate limiting on authentication attempts, enabling potential denial-of-service via suppression/mis-routing of charger telemetry and possible brute-forcing to gain unauthorized access. Public con...

8.7CVSS5.8AI score0.00437EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/03/06 3:5 p.m.•28 views

CVE-2026-20882 Mobiliti e-mobi.hu Improper Restriction of Excessive Authentication Attempts

8.7CVSS0.00437EPSS

Exploits0References3

NVD•added 2026/03/06 12:16 a.m.•5 views

CVE-2026-27778

8.7CVSS0.00601EPSS

Exploits1References3

Positive Technologies•added 2026/03/06 12:0 a.m.•5 views

PT-2026-23712

Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not restrict the number of authentication requests. This lack of rate limiting could enable an attacke...

8.7CVSS5.8AI score0.00437EPSS

Exploits0References6

Positive Technologies•added 2026/03/06 12:0 a.m.•5 views

PT-2026-23713

8.7CVSS5.8AI score0.00357EPSS

Exploits0References2

ATTACKERKB•added 2026/03/05 11:36 p.m.•2 views

CVE-2026-27778

8.7CVSS6AI score0.00601EPSS

Exploits1References4

Vulnrichment•added 2026/03/05 11:36 p.m.•1 views

CVE-2026-27778 ePower epower.ie Improper Restriction of Excessive Authentication Attempts

8.7CVSS5.8AI score0.00601EPSS

Exploits1References3

CVE•added 2026/03/05 11:36 p.m.•20 views

CVE-2026-27778

The CVE-2026-27778 entry concerns the WebSocket API. The root cause is no rate limiting on authentication attempts, allowing potential denial-of-service by disrupting legitimate charger telemetry and enabling brute-force access attempts. The available documents consistently describe the issue but...

8.7CVSS6AI score0.00601EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/03/05 11:36 p.m.•32 views

CVE-2026-27778 ePower epower.ie Improper Restriction of Excessive Authentication Attempts

8.7CVSS0.00601EPSS

Exploits1References3

Positive Technologies•added 2026/03/05 12:0 a.m.•7 views

PT-2026-23576

8.7CVSS5.8AI score0.00601EPSS

Exploits1References8

RedhatCVE•added 2026/02/28 1:55 a.m.•4 views

CVE-2026-25114

9.8CVSS6AI score0.00475EPSS

Exploits0References1

RedhatCVE•added 2026/02/28 1:55 a.m.•5 views

CVE-2026-25945

9.8CVSS6AI score0.00521EPSS

Exploits0References1

RedhatCVE•added 2026/02/28 1:55 a.m.•3 views

CVE-2026-24445

9.8CVSS6AI score0.00487EPSS

Exploits0References1

RedhatCVE•added 2026/02/28 1:55 a.m.•2 views

CVE-2026-20792

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or misrouting legitimate charger telemetry, or conduct brute-force attacks to gain...

9.8CVSS6AI score0.00477EPSS

Exploits0References1