CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

130 matches found

Vulnrichment•added 2026/02/27 12:22 a.m.•3 views

CVE-2026-26305 Mobility46 mobility46.se Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS6AI score0.00475EPSS

Exploits0References3

NVD•added 2026/02/27 12:16 a.m.•6 views

CVE-2026-25945

9.8CVSS0.00521EPSS

Exploits0References3

NVD•added 2026/02/27 12:16 a.m.•11 views

CVE-2026-20792

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or misrouting legitimate charger telemetry, or conduct brute-force attacks to gain...

9.8CVSS0.00477EPSS

Exploits0References3

NVD•added 2026/02/27 12:16 a.m.•5 views

CVE-2026-25113

9.8CVSS0.00465EPSS

Exploits0References3

ATTACKERKB•added 2026/02/27 12:11 a.m.•1 views

CVE-2026-24445

9.8CVSS5.8AI score0.00487EPSS

Exploits0References4

Vulnrichment•added 2026/02/27 12:11 a.m.•6 views

CVE-2026-24445 EV Energy ev.energy Improper Restriction of Excessive Authentication Attempts

8.7CVSS6AI score0.00487EPSS

Exploits0References3

Cvelist•added 2026/02/27 12:11 a.m.•20 views

CVE-2026-24445 EV Energy ev.energy Improper Restriction of Excessive Authentication Attempts

8.7CVSS0.00487EPSS

Exploits0References3

CNNVD•added 2026/02/27 12:0 a.m.•5 views

Chargemap 安全漏洞

Chargemap is a electric vehicle service platform website operated by the French company Chargemap. Chargemap has a security vulnerability, which stems from the lack of an authentication request limit on the WebSocket API. This vulnerability could lead to denial-of-service attacks or brute-force...

9.8CVSS5.8AI score0.00477EPSS

Exploits0References3

CNNVD•added 2026/02/27 12:0 a.m.•5 views

SWITCH EV 安全漏洞

SWITCH EV is a electric vehicle charging facility management platform developed by the US company SWITCH. SWITCH EV has a security vulnerability, which stems from the lack of a limit on the number of authentication requests in the WebSocket application programming interface. This vulnerability...

9.8CVSS5.8AI score0.00465EPSS

Exploits0References3

Positive Technologies•added 2026/02/27 12:0 a.m.•6 views

PT-2026-22265

Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not limit the number of authentication requests. This lack of rate limiting could enable an attacker t...

9.8CVSS5.9AI score0.00475EPSS

Exploits0References10

Cvelist•added 2026/02/26 11:59 p.m.•18 views

CVE-2026-25113 SWITCH EV swtchenergy.com Improper Restriction of Excessive Authentication Attempts

8.7CVSS0.00465EPSS

Exploits0References3

ATTACKERKB•added 2026/02/26 11:59 p.m.•2 views

CVE-2026-25113

9.8CVSS5.8AI score0.00465EPSS

Exploits0References4

Cvelist•added 2026/02/26 11:46 p.m.•23 views

CVE-2026-25945 EV2GO ev2go.io Improper Restriction of Excessive Authentication Attempts

8.7CVSS0.00521EPSS

Exploits0References3

ATTACKERKB•added 2026/02/26 11:46 p.m.•3 views

CVE-2026-25945

9.8CVSS5.8AI score0.00521EPSS

Exploits0References4

CVE•added 2026/02/26 11:27 p.m.•26 views

CVE-2026-25114

CVE-2026-25114 affects the CloudCharge WebSocket API, described across multiple sources. The core issue is no rate limiting on authentication requests, enabling potential denial-of-service by suppressing/misrouting charger telemetry and brute-force attempts to gain access. Affected software versi...

9.8CVSS5.4AI score0.00475EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/02/26 11:6 p.m.•19 views

CVE-2026-20792 Chargemap chargemap.com Improper Restriction of Excessive Authentication Attempts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or misrouting legitimate charger telemetry, or conduct brute-force attacks to gain...

8.7CVSS0.00477EPSS

Exploits0References3

CVE•added 2026/02/26 11:6 p.m.•17 views

CVE-2026-20792

The CVE-2026-20792 entry concerns the WebSocket API used for charger telemetry (Chargemap chargemap.com) and is triggered by insufficient rate limiting on authentication requests. The root cause is the lack of restrictions on the number of authentication attempts, which can allow denial-of-servic...

9.8CVSS5.4AI score0.00477EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/02/26 12:0 a.m.•5 views

PT-2026-22240

Name of the Vulnerable Software and Affected Versions WebSocket Application Programming Interface affected versions not specified Description The WebSocket Application Programming Interface does not restrict the number of authentication requests. This lack of rate limiting could enable an attacke...

9.8CVSS6AI score0.00465EPSS

Exploits0References8

Positive Technologies•added 2026/02/26 12:0 a.m.•5 views

PT-2026-22242

9.8CVSS6AI score0.00521EPSS

Exploits0References7

Positive Technologies•added 2026/02/26 12:0 a.m.•9 views

PT-2026-22233

9.8CVSS6AI score0.00475EPSS

Exploits0References7

Rows per page