PT-2026-28350 · Everest · Everest
Finder16
·
Publicado
2026-03-26
·
Atualizado
2026-03-29
·
CVE-2026-26072
CVSS v3.1
4.2
Média
| Vetor | AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
EVerest versions prior to 2026.02.0
Description
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race condition that can lead to concurrent access to
std::map<std::optional>, potentially causing container or optional corruption. The issue is triggered by an Electric Vehicle (EV) State of Charge (SoC) update combined with periodic power meter updates and the status of disconnection or session completion.Recommendations
Update to version 2026.02.0 or later.
Exploit
Correção
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Everest