Evoke Evoke Csms
4 CVEs affecting Evoke Evoke Csms. Latest disclosed: 2026-06-25. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40702 | Critical | 9.4 | 2026-06-25 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weaknes… |
CVE-2026-50176 | High | 7.5 | 2026-06-25 | The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacke… |
CVE-2026-54479 | High | 7.3 | 2026-06-25 | The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifi… |
CVE-2026-44622 | Medium | 6.5 | 2026-06-25 | Charging station authentication identifiers are publicly accessible via web-based mapping platforms. |