CVE-2026-22100

Severity CVSS v4.0:
HIGH
Type:
CWE-78 OS Command Injections
Publication date:
13/07/2026
Last modified:
13/07/2026

Description

The OCPP DataTransfer message `ReserveLogin` is vulnerable to command injection. By manipulating the data value, arbitrary OS commands can be executed as root.

References to Advisories, Solutions, and Tools