CVE-2026-26305
🔴 HIGHThe WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks...
Description
Request Expert ReviewThe WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.
Affected Products (1)
CVSS Scores
References
Additional Information
- Source
- ics-cert@hq.dhs.gov
- State
- Modified
Related CVEs
CVE-2026-3979
MEDIUMA flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation...
CVE-2026-3978
HIGHA vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3. The manipul...
CVE-2026-3977
MEDIUMA security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. Th...
CVE-2026-3976
HIGHA weakness has been identified in Tenda W3 1.0.0.3(2204). Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the co...
CVE-2026-3975
HIGHA security flaw has been discovered in Tenda W3 1.0.0.3(2204). This issue affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterG...
CVE-2026-3974
HIGHA vulnerability was identified in Tenda W3 1.0.0.3(2204). This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the...
Share CVE-2026-26305
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2026-26305 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!