NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-26305	The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow...	2026-02-27	7.5	NETWORK	HIGH	NVD
CVE-2026-26290	The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same sessi...	2026-02-27	7.3	NETWORK	HIGH	NVD
CVE-2026-25774	Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	2026-02-27	6.5	NETWORK	MEDIUM	NVD
CVE-2026-25195	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code exec...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-25111	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code executi...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-25109	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execu...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-25085	A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later o...	2026-02-27	8.6	NETWORK	HIGH	NVD
CVE-2026-24695	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code exe...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-24689	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execut...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-24663	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an unauthenticated attacker to achieve remote code execu...	2026-02-27	9.0	NETWORK	CRITICAL	NVD
CVE-2026-24517	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execu...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-24445	The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow...	2026-02-27	7.5	NETWORK	HIGH	NVD
CVE-2026-22878	Charging station authentication identifiers are publicly accessible via web-based mapping platforms.	2026-02-27	6.5	NETWORK	MEDIUM	NVD
CVE-2026-21718	An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication req...	2026-02-27	10.0	NETWORK	CRITICAL	NVD
CVE-2026-21389	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code executi...	2026-02-27	8.0	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.