EVerest — Vulnerabilities & Security Advisories 33

Browse all 33 CVE security advisories affecting EVerest. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by EVerest: everest-core, libocpp
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-33015 | EVerest has RemoteStop Bypass via BCB Toggle Session Restart | everest-core | CWE-863 | 5.2 | Medium | 2026-03-26 |
| CVE-2026-33014 | EVerest has Delayed Authorization Response Bypasses Termination After RemoteStop | everest-core | CWE-863 | 5.2 | Medium | 2026-03-26 |
| CVE-2026-33009 | EVerest: MQTT Switch-Phases Command Data Race Causing Charger State Corruptio | everest-core | CWE-362 | 8.2 | High | 2026-03-26 |
| CVE-2026-29044 | EVerest: Charging Continues When WithdrawAuthorization Is Processed Before TransactionStarted | everest-core | CWE-863 | 5.0 | Medium | 2026-03-26 |
| CVE-2026-27828 | EVerest: ISO15118 session_setup use-after-free can crash EVSE process | everest-core | CWE-416 | 7.5 | - | 2026-03-26 |
| CVE-2026-27816 | EVerest's ISO15118 update_energy_transfer_modes overflow can corrupt EVSE state | everest-core | CWE-787 | 8.2 | - | 2026-03-26 |
| CVE-2026-27815 | EVerest: ISO15118 session_setup payment options overflow can corrupt EVSE state | everest-core | CWE-787 | 8.2 | - | 2026-03-26 |
| CVE-2026-27814 | EVerest EvseManager phase-switch path has unsynchronized shared-state access race condition | everest-core | CWE-362 | 4.2 | Medium | 2026-03-26 |
| CVE-2026-27813 | EVerest has use-after-free in auth timeout timer via race condition | everest-core | CWE-416 | 5.3 | Medium | 2026-03-26 |
| CVE-2026-26074 | EVerest: OCPP201 startup event_queue lock mismatch leads to std::map/std::queue data race | everest-core | CWE-362 | 7.0 | High | 2026-03-26 |
| CVE-2026-26073 | EVerest: OCPP 1.6 heap corruption caused by lock-free insertion in event_queue | everest-core | CWE-122 | 5.9 | Medium | 2026-03-26 |
| CVE-2026-26072 | EVerest has race-condition-induced std::map corruption in OCPP 1.6 evse_soc_map | everest-core | CWE-362 | 4.2 | Medium | 2026-03-26 |
| CVE-2026-26071 | EVerest: OCPP 2.0.1 EVCCID Data Race Leads to Heap Use‑After‑Free | everest-core | CWE-362 | 4.2 | Medium | 2026-03-26 |
| CVE-2026-26070 | EVerest: OCPP 2.0.1 EV SoC Update Race Causes Charge Point Crash | everest-core | CWE-362 | 4.6 | Medium | 2026-03-26 |
| CVE-2026-26008 | EVerest has OOB via EVSE ID Indexing Mismatch in OCPP 2.0.1 UpdateAllowedEnergyTransferModes | everest-core | CWE-125 | 7.5 | High | 2026-03-26 |
| CVE-2026-23995 | EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ | everest-core | CWE-121 | 8.4 | High | 2026-03-26 |
| CVE-2026-22790 | EVerest's unchecked SLAC payload length causes stack overflow in HomeplugMessage::setup_payload | everest-core | CWE-121 | 8.8 | High | 2026-03-26 |
| CVE-2026-22593 | EVerest has off-by-one stack buffer overflow in IsoMux certificate filename parsing | everest-core | CWE-193 | 8.4 | High | 2026-03-26 |
| CVE-2026-24003 | EvseV2G has sequence state validation bypass | everest-core | CWE-287 | 4.3 | Medium | 2026-01-26 |
| CVE-2025-68141 | EVerest vulnerable to null pointer dereference during DC_ChargeLoopRes document deserialization | everest-core | CWE-476 | 7.4 | High | 2026-01-21 |
| CVE-2025-68140 | EVerest allows null session ID to bypass session ID verification | everest-core | CWE-863 | 4.3 | Medium | 2026-01-21 |
| CVE-2025-68139 | In EVerest, by default, the EV is responsible for closing the connection if the module encounters an error during request processing | everest-core | CWE-384 | 4.3 | Medium | 2026-01-21 |
| CVE-2025-68138 | EVerest affected by memory exhaustion in libocpp | everest-core | CWE-770 | 4.7 | Medium | 2026-01-21 |
| CVE-2026-23955 | EVerest vulnerable to concatenation of strings literal and integers | everest-core | CWE-1046 | 4.2 | Medium | 2026-01-21 |
| CVE-2025-68137 | EVerest's Integer Overflow and Signed to Unsigned conversion lead to either stack buffer overflow or infinite loop | everest-core | CWE-120 | 8.4 | High | 2026-01-21 |
| CVE-2025-68136 | EVerest's inadequate session handling can lead to memory-related errors or exhaustion of the operating system’s file descriptors, resulting in a denial of service | everest-core | CWE-770 | 7.4 | High | 2026-01-21 |
| CVE-2025-68135 | EVerest's inadequate exception handling leads to denial of service | everest-core | CWE-703 | 6.5 | Medium | 2026-01-21 |
| CVE-2025-68134 | EVerest's use of assert functions can potentially lead to denial of service | everest-core | CWE-20 | 7.4 | High | 2026-01-21 |
| CVE-2025-68132 | EVerest has out-of-bounds read in DZG_GSH01 SLIP CRC parser that can crash powermeter driver | everest-core | CWE-125 | 9.1 (AI) | Critical (AI) | 2026-01-21 |
| CVE-2025-68133 | EVerest's unlimited connections can lead to DoS through operating system resource exhaustion | everest-core | CWE-770 | 7.4 | High | 2026-01-21 |

This page lists every published CVE security advisory associated with EVerest. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.