Skip to main content

Everest Core CVE-2026-23995

| EUVDEUVD-2026-16199 HIGH
Stack-based Buffer Overflow (CWE-121)
2026-03-26 GitHub_M
8.4
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.4 HIGH
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:13 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
2026.02.0
EUVD ID Assigned
Mar 26, 2026 - 15:00 euvd
EUVD-2026-16199
Analysis Generated
Mar 26, 2026 - 15:00 vuln.today
CVE Published
Mar 26, 2026 - 14:36 nvd
HIGH 8.4

DescriptionGitHub Advisory

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows ifreq.ifr_name, corrupting adjacent stack data and enabling potential code execution. A malicious or misconfigured interface name can trigger this before any privilege checks. Version 2026.02.0 contains a patch.

AnalysisAI

Stack-based buffer overflow in EVerest EV charging software allows unauthenticated local attackers to execute arbitrary code via overly long CAN interface names during initialization. The vulnerability (CWE-121) affects everest-core versions prior to 2026.02.0 with CVSS 8.4 (High severity). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Provide oversized CAN interface name
Exploit
Overflow ifreq.ifr_name buffer
Execution
Corrupt adjacent stack data
Impact
Execute arbitrary code with local privileges

Vulnerability AssessmentAI

Exploitation Local attacker with ability to configure or pass interface names to EVerest CAN initialization routines (versions before 2026.02.0). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is moderate-to-high despite the 8.4 CVSS score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with local access to an EV charging station running vulnerable EVerest software modifies the system configuration file or environment variables to specify a CAN interface name exceeding 16 characters (e.g., 'can-interface-with-very-long-malicious-name'). When the EVerest service initializes, the oversized name overflows the stack buffer in the CAN open routine, overwriting adjacent memory with attacker-controlled data including shellcode or return-address pointers. …
Remediation Upgrade EVerest everest-core to version 2026.02.0 or later, which contains the vendor-released patch addressing the buffer overflow (see GitHub Security Advisory GHSA-p47c-2jpr-mpwx at https://github.com/EVerest/EVerest/security/advisories/GHSA-p47c-2jpr-mpwx). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all systems running everest-core versions prior to 2026.02.0 using asset inventory and device discovery tools; document deployment locations and operational status. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-22790 HIGH
8.8 Mar 26

Remote code execution vulnerability in EVerest electric vehicle charging software stack allows adjacent network attacker

CVE-2026-22593 HIGH
8.4 Mar 26

Stack-based buffer overflow in EVerest EV charging software stack enables local code execution when processing certifica

CVE-2026-33009 HIGH
8.2 Mar 26

Concurrent access to shared memory in EVerest EV charging software (versions prior to 2026.02.0) enables remote attacker

CVE-2026-26008 HIGH
7.5 Mar 26

Out-of-bounds vector access in EVerest EV charging software (everest-core versions before 2026.02.0) enables remote unau

CVE-2026-26074 HIGH
7.0 Mar 26

Concurrent access to an internal event queue in EVerest-core (EV charging software stack) enables remote attackers to co

CVE-2026-26073 MEDIUM
5.9 Mar 26

EVerest charging software stack versions prior to 2026.02.0 suffer from a data race condition in queue/deque handling tr

CVE-2026-27828 MEDIUM
5.5 Mar 26

EVerest charging software stack versions prior to 2026.02.0 contain a use-after-free vulnerability in the ISO15118_charg

CVE-2026-27816 MEDIUM
5.5 Mar 26

EVerest-Core prior to version 2026.02.0 contains an out-of-bounds write vulnerability in the ISO15118_chargerImpl::handl

CVE-2026-27815 MEDIUM
5.5 Mar 26

Out-of-bounds memory writes in EVerest charging software stack versions prior to 2026.02.0 allow local attackers to corr

CVE-2026-27813 MEDIUM
5.3 Mar 26

EVerest charging software stack versions prior to 2026.02.0 contain a data race condition leading to use-after-free memo

CVE-2026-33015 MEDIUM
5.2 Mar 26

EVerest charging software stack versions prior to 2026.02.0 allow EV operators to bypass remote stop commands issued by

CVE-2026-33014 MEDIUM
5.2 Mar 26

EVerest-core prior to version 2026.02.0 fails to properly terminate EV charging transactions during remote stop operatio

Share

CVE-2026-23995 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy