Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
2 CRITICAL18 MEDIUM
CVE-2026-22890
MEDIUM CVSS 6.9
Find Similar
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
ev2go
NVD RRF 0.016
CVE-2026-28204
MEDIUM CVSS 6.9
Find Similar
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
NVD RRF 0.016
CVE-2026-27777
MEDIUM CVSS 6.9
Find Similar
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
NVD RRF 0.016
CVE-2026-27770
MEDIUM CVSS 6.9
Find Similar
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
NVD RRF 0.015
CVE-2026-27027
MEDIUM CVSS 6.9
Find Similar
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
NVD RRF 0.015
CVE-2026-31926
MEDIUM CVSS 6.9
Find Similar
Charging station authentication identifiers are publicly accessible via web-based mapping platforms.
NVD RRF 0.014
CVE-2026-27652
MEDIUM CVSS 6.9
Find Similar
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in pred
cloudcharge
NVD RRF 0.014
CVE-2026-25711
MEDIUM CVSS 6.9
Find Similar
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in pred
chargemap
NVD RRF 0.014
CVE-2026-20781
CRITICAL CVSS 9.3
Find Similar
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can c
cloudcharge
NVD RRF 0.014
CVE-2026-24912
MEDIUM CVSS 6.9
Find Similar
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predic
epower
NVD RRF 0.013
CVE-2026-25851
CRITICAL CVSS 9.3
Find Similar
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can c
chargemap
NVD RRF 0.013
CVE-2026-20895
MEDIUM CVSS 6.9
Find Similar
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in pred
ev2go
NVD RRF 0.013
CVE-2026-27647
MEDIUM CVSS 6.9
Find Similar
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in pred
mobility46
NVD RRF 0.013
CVE-2026-27649
MEDIUM CVSS 6.9
Find Similar
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predic
ctek
NVD RRF 0.013
CVE-2026-26290
MEDIUM CVSS 6.9
Find Similar
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in pred
ev.energy
NVD RRF 0.013
Page 1+ Next →