PT-2026-28344 · Everest · Everest
Finder16
·
Published
2026-03-26
·
Updated
2026-03-29
·
CVE-2026-26008
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
EVerest versions prior to 2026.02.0
Description
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access issue involving a
std::vector, potentially leading to remote crash or memory corruption. This occurs because the CSMS sends UpdateAllowedEnergyTransferModes over the network.Recommendations
Update to version 2026.02.0 or later.
Exploit
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Everest