What is the CVSS score of EUVD-2026-16207?

EUVD-2026-16207 has a CVSS 3.1 base score of 4.2 (Medium). CVSS vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Which versions of EVerest are affected by EUVD-2026-16207?

Organizations using EVerest should be aware of moderate risk from CVE-2026-26072, a race condition vulnerability rated CVSS 4.2. Exploitation could compromise the security of affected deployments.. A patch is available.

EVerest EUVD-2026-16207

| CVE-2026-26072 MEDIUM

Race Condition (CWE-362)

2026-03-26 security-advisories@github.com

Information Disclosure Race Condition

4.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Physical

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

2026.02.0

EUVD ID Assigned

Mar 26, 2026 - 15:22 euvd

EUVD-2026-16207

Analysis Generated

Mar 26, 2026 - 15:22 vuln.today

CVE Published

Mar 26, 2026 - 15:16 nvd

MEDIUM 4.2

DescriptionNVD

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to std::map<std::optional> concurrent access (container/optional corruption possible). The trigger is EV SoC update with powermeter periodic update and unplugging/SessionFinished status. Version 2026.02.0 patches the issue.

AnalysisAI

EVerest EV charging software prior to version 2026.02.0 contains a race condition in concurrent map access that can corrupt internal data structures when EV state-of-charge updates coincide with power meter refreshes and session termination events. Local attackers with physical access to charging equipment can trigger this condition to cause denial of service by crashing the charging system. …

RemediationAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-16207 vulnerability details – vuln.today

Back

EVerest EUVD-2026-16207

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code