{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-26074/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["cve-2026-26074","data-race","ev-charging","everest"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eEVerest, an EV charging software stack, is susceptible to a data race vulnerability identified as CVE-2026-26074. This flaw affects versions prior to 2026.02.0. The vulnerability arises from concurrent access to the \u003ccode\u003eevent_queue\u003c/code\u003e, specifically a \u003ccode\u003estd::map\u0026lt;std::queue\u0026gt;\u003c/code\u003e, when a CSMS (Charging Station Management System) GetLog or UpdateFirmware request (originating from the network) coincides with an EVSE (Electric Vehicle Supply Equipment) fault event (a physical occurrence). This combination of…\u003c/p\u003e\n","date_modified":"2026-03-26T17:16:33Z","date_published":"2026-03-26T17:16:33Z","id":"/briefs/2026-03-everest-data-race/","summary":"EVerest versions prior to 2026.02.0 exhibit a data race vulnerability (CVE-2026-26074) where concurrent network requests and physical events can corrupt the event queue, leading to potential denial of service or other undefined behavior.","title":"EVerest EV Charging Stack Data Race Vulnerability (CVE-2026-26074)","url":"https://feed.craftedsignal.io/briefs/2026-03-everest-data-race/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-26074","version":"https://jsonfeed.org/version/1.1"}