Home/Product/linuxfoundation everest
Product

linuxfoundation everest

30 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-33015
< 2026.02.0
EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (StopTrans
5.2MEDIUM
 CVE-2026-33014
< 2026.02.0
EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorization respon
5.2MEDIUM
 CVE-2026-33009
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memory corrupt
8.2HIGH
 CVE-2026-29044
< 2026.02.0
EVerest is an EV charging software stack. Prior to version 2026.02.0, when WithdrawAuthorization is processed before the Transacti
5.0MEDIUM
 CVE-2026-27828
< 2026.02.0
EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup uses v2g_ctx afte
7.5HIGH
 CVE-2026-27816
< 2026.02.0
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_update_energy_transfer_mode
9.1CRITICAL
 CVE-2026-27815
< 2026.02.0
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a vari
9.1CRITICAL
 CVE-2026-27814
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race (C++ UB) triggered by an A 1-phase ↔ 3-ph
4.2MEDIUM
 CVE-2026-27813
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to use-after-free. This is triggere
5.3MEDIUM
 CVE-2026-26074
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map<std::queue>
7.0HIGH
 CVE-2026-26073
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::queue/`std::dequ
5.9MEDIUM
 CVE-2026-26072
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::map<std::optional> concur
4.2MEDIUM
 CVE-2026-26071
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::string concurrent access.
4.2MEDIUM
 CVE-2026-26070
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::map<std::optional> concur
4.6MEDIUM
 CVE-2026-26008
< 2026.02.0
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access (std::vector) that leads to pos
7.5HIGH
 CVE-2026-23995
< 2026.02.0
EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization:
8.4HIGH
 CVE-2026-22790
< 2026.02.0
EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setup_payload trusts len after an `asse
8.8HIGH
 CVE-2026-22593
< 2026.02.0
EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling
8.4HIGH
 CVE-2026-24003
<= 2025.12.1
EVerest is an EV charging software stack. In versions up to and including 2025.12.1, it is possible to bypass the sequence state v
4.3MEDIUM
 CVE-2026-23955
< 2025.9.0
EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal
4.2MEDIUM
 CVE-2025-68141
< 2025.10.0
EVerest is an EV charging software stack. Prior to version 2025.10.0, during the deserialization of a DC_ChargeLoopRes message t
7.4HIGH
 CVE-2025-68140
< 2025.9.0
EVerest is an EV charging software stack. Prior to version 2025.9.0, once the validity of the received V2G message has been verifi
4.3MEDIUM
 CVE-2025-68139
<= 2025.12.1
EVerest is an EV charging software stack. In all versions up to and including 2025.12.1, the default value for `terminate_connecti
4.3MEDIUM
 CVE-2025-68137
< 2025.10.0
EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in SdpPacket::parse_header()
8.3HIGH
 CVE-2025-68136
< 2025.10.0
EVerest is an EV charging software stack. Prior to version 2025.10.0, once the module receives a SDP request, it creates a whole n
7.4HIGH
 CVE-2025-68135
< 2025.10.0
EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the `TbdC
6.5MEDIUM
 CVE-2025-68134
< 2025.10.0
EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the assert function to handle errors frequently
7.4HIGH
 CVE-2025-68132
< 2025.12.0
EVerest is an EV charging software stack. Prior to version 2025.12.0, is_message_crc_correct in the DZG_GSH01 powermeter SLIP pa
4.6MEDIUM
 CVE-2025-68133
< 2025.10.0
EVerest is an EV charging software stack. In versions 2025.9.0 and below, an attacker can exhaust the operating system's memory an
7.4HIGH
 CVE-2015-6454
<= 8.7.0.1
Everest PeakHMI before 8.7.0.2, when the video server is used, allows remote attackers to cause a denial of service (incorrect poi
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin