Every CVE whose affected-product data names Steve-community Steve, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-25407 — CVSS 7.5 (high): SteVe v3.6.0 was discovered to use predictable transaction ID's when receiving a StartTransaction request. This vulnerability can allow…
CVE-2026-28230 — CVSS 6.3 (medium): SteVe is an open-source EV charging station management system. In versions up to and including 3.11.0, when a charger sends a…
CVE-2024-21550 — CVSS 6.1 (medium): SteVe is an open platform that implements different version of the OCPP protocol for Electric Vehicle charge points, acting as a central…
CVE-2024-44843 — CVSS 5.9 (medium): An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass authentication and execute arbitrary coammands via…