CVE-2026-26074

Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0

Description EVerest is an EV charging software stack susceptible to a data race that could lead to corruption of std::map<std::queue>. The issue is triggered by a CSMS GetLog/UpdateFirmware request (network) coinciding with an EVSE fault event (physical). This results in concurrent access (data race) to the event queue, as reported by TSAN.

Recommendations Update to version 2026.02.0 or later.