Unrated severityNVD Advisory· Published Feb 26, 2026· Updated Mar 10, 2026
SWITCH EV swtchenergy.com Improper Restriction of Excessive Authentication Attempts
CVE-2026-25113
Description
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- SWITCH EV/swtchenergy.comv5Range: All versions
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.