Skip to the content.

DIVD-2026-00001 - DIVD-2026-00001 – EVbee Service App and DC Quick Charging Station

Our reference DIVD-2026-00001
Case lead Wilco van Beijnum (ElaadNL)
Author Jeroen van der Ham-de Vos
Researcher(s)
  • Wilco van Beijnum (ElaadNL)
CVE(s)
Versions EVbee Service App prior to 1.4.710, DC Quick Charger Firmware prior to V1.5.1
Patch status Available
Status Open
Last modified 10 Jul 2026 13:00 CEST

Summary

One vulnerabilties has been found in the EVbee Service App, and several have been found in the DC Quick Charging station firmware by ElaadNL. ElaadNL has worked with EVbee to resolve these vulnerabiltiies and has requested help from DIVD for CVE registration.

Vulnerability details

What you can do

We strongly advise users to update their Service App and ensure that the DC Quick Charging Station has connectivity to update the firmware.

Timeline

Date Description
05 Jan 2026 Initial disclosure from Elaad to EVbee, support from DIVD for CVE Registration
10 Jul 2026 Publication of initial batch of vulnerabilities.
gantt title DIVD-2026-00001 - DIVD-2026-00001 – EVbee Service App and DC Quick Charging Station dateFormat YYYY-MM-DD axisFormat %e %b %Y section Case DIVD-2026-00001 - DIVD-2026-00001 – EVbee Service App and DC Quick Charging Station (still open) :2026-01-05, 2026-07-19 section Events Initial disclosure from Elaad to EVbee, support from DIVD for CVE Registration : milestone, 2026-01-05, 0d Publication of initial batch of vulnerabilities. : milestone, 2026-07-10, 0d

More Information