Severity by source
AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Lifecycle Timeline
4DescriptionGitHub Advisory
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race (C++ UB) triggered by an A 1-phase ↔ 3-phase switch request (ac_switch_three_phases_while_charging) during charging/waiting executes concurrently with the state machine loop. Version 2026.02.0 contains a patch.
AnalysisAI
Data race conditions in EVerest Core versions before 2026.02.0 allow concurrent access to charging state during phase switching operations, potentially causing integrity violations or service interruptions on affected EV charging systems. An attacker with adjacent network access can trigger the race condition by initiating phase switches during active charging sessions, exploiting the unsafe concurrent execution between the state machine and switching requests. No patch is currently available for this vulnerability.
Technical ContextAI
EVerest is a software platform for EV charging infrastructure that manages complex state machines for charging sessions and power delivery. The vulnerability root cause is CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization), specifically a race condition in the C++ codebase. The affected component handles AC phase switching (ac_switch_three_phases_while_charging) which operates concurrently with the main state machine loop. Without proper mutex or synchronization primitives protecting shared state during the 1-phase to 3-phase mode transition, multiple threads can read and write charging state variables simultaneously, leading to undefined behavior such as memory corruption, inconsistent state, or unexpected state machine transitions. CPE cpe:2.3:a:everest:everest-core identifies all affected versions prior to 2026.02.0.
RemediationAI
Upgrade EVerest-Core to version 2026.02.0 or later immediately. The vendor has released a patched version (Vendor-released patch: 2026.02.0) that resolves the data race condition through proper synchronization of the phase-switching code path. Until patching is possible, operators should restrict network access to the EVerest control plane and state machine interfaces to trusted administrative networks only, and avoid issuing phase-switching requests during active charging sessions where feasible. Consult the EVerest project security advisory at https://github.com/EVerest/EVerest/security/advisories/GHSA-5528-wc53-v557 for deployment-specific guidance and confirmation of patched releases.
More in Everest Core
View allRemote code execution vulnerability in EVerest electric vehicle charging software stack allows adjacent network attacker
Stack-based buffer overflow in EVerest EV charging software allows unauthenticated local attackers to execute arbitrary
Stack-based buffer overflow in EVerest EV charging software stack enables local code execution when processing certifica
Concurrent access to shared memory in EVerest EV charging software (versions prior to 2026.02.0) enables remote attacker
Out-of-bounds vector access in EVerest EV charging software (everest-core versions before 2026.02.0) enables remote unau
Concurrent access to an internal event queue in EVerest-core (EV charging software stack) enables remote attackers to co
EVerest charging software stack versions prior to 2026.02.0 suffer from a data race condition in queue/deque handling tr
EVerest charging software stack versions prior to 2026.02.0 contain a use-after-free vulnerability in the ISO15118_charg
EVerest-Core prior to version 2026.02.0 contains an out-of-bounds write vulnerability in the ISO15118_chargerImpl::handl
Out-of-bounds memory writes in EVerest charging software stack versions prior to 2026.02.0 allow local attackers to corr
EVerest charging software stack versions prior to 2026.02.0 contain a data race condition leading to use-after-free memo
EVerest charging software stack versions prior to 2026.02.0 allow EV operators to bypass remote stop commands issued by
Same weakness CWE-362 – Race Condition
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-16222