CVE-2025-24956

Name of the Vulnerable Software and Affected Versions: OpenV2G versions prior to 0.9.6

Description: A vulnerability has been identified in the OpenV2G EXI parsing feature, which is missing a length check when parsing X509 serial numbers. This allows an attacker to introduce a buffer overflow, leading to memory corruption.

Recommendations: For versions prior to 0.9.6, update to version 0.9.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of the EXI parsing feature until a patch is available.