PT-2026-57338 · Hydro Québec · Le Circuit Electrique Charging Station Backend

Published

2026-07-10

·

Updated

2026-07-10

·

CVE-2026-20744

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
The charging station websocket endpoint accepts connections without proper authentication, which could lead to privilege escalation.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-20744

Affected Products

Le Circuit Electrique Charging Station Backend