Mohammad Ali Sayed - Security Researcher - Exploit Intelligence Platform

CVE-2026-25113 WRITEUP HIGH WRITEUP

WebSocket API - DoS

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

CVSS 7.5

View Code

CVE-2026-25114 WRITEUP HIGH WRITEUP

WebSocket API - DoS

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

CVSS 7.5

View Code

CVE-2026-25711 WRITEUP HIGH WRITEUP

WebSocket Backend - Session Hijacking

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.

CVSS 7.3

View Code

CVE-2026-25774 WRITEUP MEDIUM WRITEUP

Charging Station - Info Disclosure

Charging station authentication identifiers are publicly accessible via web-based mapping platforms.

CVSS 6.5

View Code

CVE-2026-25778 WRITEUP HIGH WRITEUP

WebSocket Backend - Session Hijacking

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.

CVSS 7.3

View Code

CVE-2026-25851 WRITEUP CRITICAL WRITEUP

OCPP WebSocket - Privilege Escalation

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this can lead to privilege escalation, unauthorized control of charging infrastructure, and corruption of charging network data reported to the backend.

CVSS 9.4

View Code

CVE-2026-25945 WRITEUP HIGH WRITEUP

WebSocket API - DoS

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

CVSS 7.5

View Code

CVE-2026-26290 WRITEUP HIGH WRITEUP

WebSocket Backend - Session Hijacking

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.

CVSS 7.3

View Code

CVE-2026-26305 WRITEUP HIGH WRITEUP

WebSocket API - DoS

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

CVSS 7.5

View Code

CVE-2026-27028 WRITEUP CRITICAL WRITEUP

OCPP WebSocket - Privilege Escalation

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this can lead to privilege escalation, unauthorized control of charging infrastructure, and corruption of charging network data reported to the backend.

CVSS 9.4

View Code

CVE-2026-27647 WRITEUP HIGH WRITEUP

WebSocket Backend - Session Hijacking

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.

CVSS 7.3

View Code

CVE-2026-27652 WRITEUP HIGH WRITEUP

WebSocket Backend - Session Hijacking

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests.

CVSS 7.3

View Code

CVE-2026-27767 WRITEUP CRITICAL WRITEUP

OCPP WebSocket - Privilege Escalation

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this can lead to privilege escalation, unauthorized control of charging infrastructure, and corruption of charging network data reported to the backend.

CVSS 9.4

View Code

CVE-2026-27772 WRITEUP CRITICAL WRITEUP

OCPP WebSocket - Privilege Escalation

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this can lead to privilege escalation, unauthorized control of charging infrastructure, and corruption of charging network data reported to the backend.

CVSS 9.4

View Code

CVE-2026-27773 WRITEUP MEDIUM WRITEUP

Charging Station - Info Disclosure

Charging station authentication identifiers are publicly accessible via web-based mapping platforms.

CVSS 6.5

View Code

CVE-2025-53968 WRITEUP HIGH WRITEUP

Evmapa - Brute Force

This vulnerability arises because there are no limitations on the number of authentication attempts a user can make. An attacker can exploit this weakness by continuously sending authentication requests, leading to a denial-of-service (DoS) condition. This can overwhelm the authentication system, rendering it unavailable to legitimate users and potentially causing service disruption. This can also allow attackers to conduct brute-force attacks to gain unauthorized access.

CVSS 7.5

View Code

CVE-2025-54816 WRITEUP CRITICAL WRITEUP

Evmapa - Missing Authentication

This vulnerability occurs when a WebSocket endpoint does not enforce proper authentication mechanisms, allowing unauthorized users to establish connections. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead to privilege escalation and potentially compromise the security of the entire system.

CVSS 9.4

View Code

CVE-2025-55705 WRITEUP HIGH WRITEUP

Evmapa EV Charging System - Session Management

This vulnerability occurs when the system permits multiple simultaneous connections to the backend using the same charging station ID. This can result in unauthorized access, data inconsistency, or potential manipulation of charging sessions. The lack of proper session management and expiration control allows attackers to exploit this weakness by reusing valid charging station IDs to establish multiple sessions concurrently.

CVSS 7.3

View Code