What is CVE-2026-54479?

CVE-2026-54479 is a high-severity vulnerability in Evoke Csms, classified under Insufficient Session Expiration. CVSS score: 7.3/10. Published 2026-06-25.

How severe is CVE-2026-54479?

High severity. CVSS v3 base score is 7.3 out of 10.

Vulnerability in Evoke Csms

CVE-2026-54479

The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers. This vulnera…

CVSS v3 metric

CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Evoke Csms — versions All versions

Weakness classification (CWE)

CWE-613 — Insufficient Session Expiration

References

ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov
ics-cert@hq.dhs.gov

Frequently asked questions

What is CVE-2026-54479?: CVE-2026-54479 is a high-severity vulnerability in Evoke Csms, classified under Insufficient Session Expiration. CVSS score: 7.3/10. Published 2026-06-25.
How severe is CVE-2026-54479?: High severity. CVSS v3 base score is 7.3 out of 10.