CVE-2026-26071 in everest-coreinfo

Zusammenfassung

von MITRE • 26.03.2026

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to `std::string` concurrent access. with heap-use-after-free possible. This is triggered by EVCCID update (EV/ISO15118) and OCPP session/authorization events. Version 2026.02.0 contains a patch.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

GitHub M

Reservieren

10.02.2026

Veröffentlichung

26.03.2026

Moderieren

akzeptiert

Eintrag

VDB-353647

CPE

bereit

EPSS

0.00134

KEV

nein

Aktivitäten

very low

Quellen

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!