https://feed.craftedsignal.io/tags/out-of-bounds/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 27 Mar 2026 12:00:00 +0000https://feed.craftedsignal.io/briefs/2026-03-everest-oob/Fri, 27 Mar 2026 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-everest-oob/EVerest, an EV charging software stack, has an out-of-bounds access vulnerability in versions prior to 2026.02.0, which can lead to remote crash or memory corruption when the CSMS sends UpdateAllowedEnergyTransferModes over the network.<p>EVerest is an EV charging software stack used for managing electric vehicle charging infrastructure. Versions prior to 2026.02.0 are vulnerable to an out-of-bounds access issue (CVE-2026-26008) that can be triggered remotely. The vulnerability stems from how the Central System Management System (CSMS) handles the <code>UpdateAllowedEnergyTransferModes</code> message over the network. Successful exploitation can lead to a crash of the EVerest software or memory corruption, potentially disrupting EV…</p> highadvisorycveev-chargingout-of-boundsdenial-of-service