Export limit exceeded: 357515 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 357515 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-41682 1 Bender 4 Cc612, Cc613, Icc13xx and 1 more 2026-04-15 8.8 High
An authenticated, low-privileged attacker can obtain credentials stored on the charge controller including the manufacturer password.
CVE-2025-41708 1 Bender 5 Cc612, Cc613, Icc13xx and 2 more 2026-04-15 7.4 High
Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An unauthenticated attacker on the same network could exploit this to learn sensitive data during transmission.
CVE-2021-34589 1 Bender 9 Cc612, Cc612 Firmware, Cc613 and 6 more 2024-11-21 7.5 High
In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the last charge event can be read without authentication via the web interface.
CVE-2021-34587 2 Bender, Ibm 9 Cc612, Cc612 Firmware, Cc613 and 6 more 2024-11-21 5.3 Medium
In Bender/ebee Charge Controllers in multiple versions a long URL could lead to webserver crash. The URL is used as input of an sprintf to a stack variable.