Tag

Ev-Charging

4 briefs RSS

EVerest Out-of-Bounds Access Vulnerability (CVE-2026-26008)

EVerest, an EV charging software stack, has an out-of-bounds access vulnerability in versions prior to 2026.02.0, which can lead to remote crash or memory corruption when the CSMS sends UpdateAllowedEnergyTransferModes over the network.

cve ev-charging out-of-bounds denial-of-service

2r 2t 2i Mar 27, 2026

high advisory

EVerest CAN Interface Stack Buffer Overflow Vulnerability (CVE-2026-23995)

2 rules 3 TTPs

A stack-based buffer overflow vulnerability exists in EVerest EV charging software stack versions prior to 2026.02.0. Passing an interface name longer than 16 characters to CAN open routines overflows `ifreq.ifr_name`, potentially leading to code execution.

everest buffer-overflow cve-2026-23995 ev-charging

2r 3t Mar 27, 2026

medium advisory

EVerest EV Charging Stack Data Race Vulnerability (CVE-2026-26074)

2 rules

EVerest versions prior to 2026.02.0 exhibit a data race vulnerability (CVE-2026-26074) where concurrent network requests and physical events can corrupt the event queue, leading to potential denial of service or other undefined behavior.

cve-2026-26074 data-race ev-charging everest

2r Mar 26, 2026

high advisory

EVerest IsoMux Certificate Filename Stack-Based Buffer Overflow Vulnerability

2 rules 3 TTPs

A stack-based buffer overflow vulnerability exists in EVerest's IsoMux certificate filename handling before version 2026.02.0, potentially allowing code execution via a crafted filename.

buffer overflow EV charging code execution

2r 3t Mar 26, 2026