CVE-2026-24731: CWE-306 in EV2GO ev2go.io WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint usin

CRITICAL: CVE-2026-24731 in EV2GO ev2go.io. Unauthenticated WebSocket lets attackers control charging stations & corrupt backend data. Monitor OCPP connections and restrict access! radar.offseq.com/threat/cve-2026-24731-cw... #OffSeq #CVE202624731 #EVSecurity