THE article reports on significant security vulnerabilities found in XCharge C6 electric vehicle chargers, impacting global charging networks. Key vulnerabilities include:
1. **CVE-2026-9037**: A critical firmware update flaw with a CVSS score of 9.3, allowing unauthorized firmware installation due to improper file validation.
2. **CVE-2026-9038**: A stack-based buffer overflow that can be exploited by attackers with physical access.
3. **CVE-2026-9039**: A configuration issue that accepts default admin credentials, enabling malicious devices to gain full access. The manufacturer has released automated patches, and operators are advised to verify their hardware's update status to mitigate risks.