{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/out-of-bounds/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["cve","ev-charging","out-of-bounds","denial-of-service"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eEVerest is an EV charging software stack used for managing electric vehicle charging infrastructure. Versions prior to 2026.02.0 are vulnerable to an out-of-bounds access issue (CVE-2026-26008) that can be triggered remotely. The vulnerability stems from how the Central System Management System (CSMS) handles the \u003ccode\u003eUpdateAllowedEnergyTransferModes\u003c/code\u003e message over the network. Successful exploitation can lead to a crash of the EVerest software or memory corruption, potentially disrupting EV…\u003c/p\u003e\n","date_modified":"2026-03-27T12:00:00Z","date_published":"2026-03-27T12:00:00Z","id":"/briefs/2026-03-everest-oob/","summary":"EVerest, an EV charging software stack, has an out-of-bounds access vulnerability in versions prior to 2026.02.0, which can lead to remote crash or memory corruption when the CSMS sends UpdateAllowedEnergyTransferModes over the network.","title":"EVerest Out-of-Bounds Access Vulnerability (CVE-2026-26008)","url":"https://feed.craftedsignal.io/briefs/2026-03-everest-oob/"}],"language":"en","title":"CraftedSignal Threat Feed — Out-of-Bounds","version":"https://jsonfeed.org/version/1.1"}