CVE-2026-26071 in everest-core
الملخص
بحسب MITRE • 26/03/2026
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to `std::string` concurrent access. with heap-use-after-free possible. This is triggered by EVCCID update (EV/ISO15118) and OCPP session/authorization events. Version 2026.02.0 contains a patch.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.