{"vulnerability": "cve-2026-20744", "sightings": [{"uuid": "8653a38f-7842-4164-a7dc-ea29d1921ef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20744", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116898400596472098", "content": "CVE-2026-20744 (CRITICAL, CVSS 9.8): Hydro-Qu\u00e9bec Le Circuit Electrique backend websocket lacks auth, allowing privilege escalation. No patch available. Restrict access &amp; monitor connections. https://radar.offseq.com/threat/cve-2026-20744-cwe-284-in-hydro-qubec-le-circuit-e-bd15f6a4c1c3953e #OffSeq #CVE202620744 #ICS #Vulnerability", "creation_timestamp": "2026-07-11T00:00:38.029789Z"}, {"uuid": "33f94021-30cb-4d30-844e-728aaef53562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-20744", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdea35kfd24", "content": "Hydro-Qu\u00e9bec Le Circuit Electrique backend CRITICAL vuln (CVSS 9.8): Unauthenticated websocket lets attackers escalate privileges. Restrict access &amp; monitor until patch available. https://radar.offseq.com/threat/cve-2026-20744-cwe-284-in-hydro-qubec-le-circuit-e-bd15f6a4c1c3953e #OffSeq #CVE20262...", "creation_timestamp": "2026-07-11T00:00:45.132669Z"}, {"uuid": "97e63f7c-4eaf-4f5e-adfa-c523ef6c0aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mqdf7b44242w", "content": "CVE-2026-20744\nThe charging station's websocket endpoint doesn't require authentication, allowing unauthorized users to potentially gain higher access levels. This could lead to unauthorized access to sensitive charging\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-11T00:18:05.216666Z"}, {"uuid": "f22db711-f863-4dc8-ac25-19c9485236b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqdgsn62rd24", "content": "CVE-2026-20744 - Hydro-Qu\u00e9bec Le Circuit Electrique charging station backend Improper Access Control\nCVE ID : CVE-2026-20744\n \n Published : July 10, 2026, 11:16 p.m. | 32\u00a0minutes ago\n \n Description : The charging station websocket endpoint accepts connections without \nproper a...", "creation_timestamp": "2026-07-11T00:46:48.836321Z"}, {"uuid": "6997ac4f-77a1-4e0c-9bda-b5cea697887b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdratnm4d27", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-20744: \u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0435\u0431-\u0441\u043e\u043a\u0435\u0442\u043d\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u0437\u0430\u0440\u044f\u0434\u043d\u044b\u0445 \u0441\u0442\u0430\u043d\u0446\u0438\u0439\n\n\n\nhttps://kripta.biz/posts/1AA7653E-01E0-414D-BDA7-88B0AE4EC205", "creation_timestamp": "2026-07-11T03:53:42.817837Z"}, {"uuid": "c4206f0c-9ec2-45e0-98e8-bdf9231c2012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-20744", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqemgu5tlq2k", "content": "\ud83d\udd34 CVE-2026-20744 - Critical (9.8)\n\nThe charging station websocket endpoint accepts connections without \nproper authentication, which...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-20744/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T12:00:16.173516Z"}]}