CVE-2025-68134

High CVSS: 7.4

EVerest is an EV charging software stack. Prior to version 2025.10.0, the use of the `assert` function to handle errors frequently causes the module to crash. This is particularly critical because the manager shuts down all other modules and exits when any one of them terminates, leading to a denial of service. In a context where a manager handles multiple EVSE, this would also impact other users. Version 2025.10.0 fixes the issue.

Vendor

Linuxfoundation

Product

Everest

CWE

CWE-20

Yayın Tarihi

2026-01-21 19:16:04

Güncelleme

2026-02-06 21:21:42

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-20 Everest HIGH Linuxfoundation 2026

Referanslar

https://github.com/EVerest/everest-core/security/advisories/GHSA-cxc5-rrj5-8pf3

Benzer Kayıtlar

High

CVE-2026-27489

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0,…

Critical

CVE-2026-33701

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. I…

Medium

CVE-2026-33015

EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop…

High

CVE-2026-33009

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memo…

Medium

CVE-2026-33014

EVerest is an EV charging software stack. Prior to version 2026.02.0, during RemoteStop processing, a delayed authorizat…

Medium

CVE-2026-27815

EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118_chargerImpl::handle_session_setup cop…