{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-23995/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["everest","buffer-overflow","cve-2026-23995","ev-charging"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eEVerest is an open-source software stack for electric vehicle (EV) charging infrastructure. A stack-based buffer overflow vulnerability, tracked as CVE-2026-23995, affects versions prior to 2026.02.0. The vulnerability stems from improper handling of CAN (Controller Area Network) interface names during initialization. Specifically, when an interface name exceeding IFNAMSIZ (16 bytes) is supplied to CAN open routines, the \u003ccode\u003eifreq.ifr_name\u003c/code\u003e buffer overflows, potentially corrupting adjacent stack…\u003c/p\u003e\n","date_modified":"2026-03-27T12:00:00Z","date_published":"2026-03-27T12:00:00Z","id":"/briefs/2026-03-everest-can-overflow/","summary":"A stack-based buffer overflow vulnerability exists in EVerest EV charging software stack versions prior to 2026.02.0. Passing an interface name longer than 16 characters to CAN open routines overflows `ifreq.ifr_name`, potentially leading to code execution.","title":"EVerest CAN Interface Stack Buffer Overflow Vulnerability (CVE-2026-23995)","url":"https://feed.craftedsignal.io/briefs/2026-03-everest-can-overflow/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-23995","version":"https://jsonfeed.org/version/1.1"}