Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

NVD
NVDadded 2026/01/21 8:16 p.m.2 views

CVE-2025-68138

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

4.7CVSS0.00055EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/01/21 7:30 p.m.1 views

CVE-2025-68138 EVerest affected by memory exhaustion in libocpp

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

4.7CVSS5.5AI score0.00055EPSS
Exploits0References2
EUVD
EUVDadded 2026/01/21 7:30 p.m.2 views

EUVD-2025-206321

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

4.7CVSS5.5AI score0.00055EPSS
Exploits0References2
CVE
CVEadded 2026/01/21 7:30 p.m.5 views

CVE-2025-68138

In libocpp (the C++ Open Charge Point Protocol implementation used by EVerest), memory leaks occur because pointers returned by strdup are never freed in versions prior to 0.30.1. Each connection attempt leaks newly allocated memory, potentially leading to memory exhaustion and denial of service....

4.7CVSS5.5AI score0.00055EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2026/01/21 7:30 p.m.2 views

CVE-2025-68138 EVerest affected by memory exhaustion in libocpp

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

4.7CVSS5.5AI score0.00055EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/21 7:30 p.m.2 views

CVE-2025-68138

EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the strdup calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potential...

4.7CVSS5.3AI score0.00055EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2026/01/21 12:0 a.m.1 views

libocpp security vulnerabilities

Libocpp is an open-source Open Charge Point Protocol developed by EVerest. Versions of Libocpp prior to 0.30.1 contained security vulnerabilities. These vulnerabilities stemmed from pointers returned by strdup that were not released, which could lead to memory exhaustion and denial of service...

4.7CVSS5.8AI score0.00055EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/09/17 12:49 a.m.4 views

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

3.1CVSS6.8AI score0.00026EPSS
Exploits0References1
OSV
OSVadded 2025/09/15 7:15 p.m.1 views

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

3.1CVSS6.8AI score
Exploits0References2
OSV
OSVadded 2025/09/15 7:15 p.m.1 views

CVE-2025-59398

The OCPP implementation in libocpp before 0.26.2 allows a denial of service EVerest crash via JSON input larger than 255 characters, because a CiString object is created with StringTooLarge set to Throw...

3.1CVSS6.7AI score
Exploits0References5
NVD
NVDadded 2025/09/15 7:15 p.m.1 views

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

3.1CVSS0.00026EPSS
Exploits0References2
Snyk
Snykadded 2025/09/15 6:43 p.m.1 views

Improper Cleanup on Thrown Exception

Overview Affected versions of this package are vulnerable to Improper Cleanup on Thrown Exception due to a secondary exception being thrown during error message generation. An attacker can cause the application to crash by triggering an error that leads to this exception. Remediation Upgrade...

3.1CVSS6.9AI score0.00026EPSS
Exploits0References2
Snyk
Snykadded 2025/09/15 6:43 p.m.2 views

Missing Report of Error Condition

Overview Affected versions of this package are vulnerable to Missing Report of Error Condition via the ChargePoint::messagecallback function. An attacker can cause a crash by submitting JSON input exceeding 255 characters, which triggers an exception due to the StringTooLarge parameter being set ...

3.1CVSS6.9AI score0.00029EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/15 12:0 a.m.1 views

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

3.1CVSS6.4AI score0.00026EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/09/15 12:0 a.m.5 views

CVE-2025-59399

libocpp before 0.28.0 allows a denial of service EVerest crash because a secondary exception is thrown during error message generation...

3.1CVSS0.00026EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/15 12:0 a.m.2 views

PT-2025-37738

Name of the Vulnerable Software and Affected Versions libocpp versions prior to 0.28.0 Description libocpp versions prior to 0.28.0 are susceptible to a denial of service condition, specifically an Everest crash. This occurs because a secondary exception is thrown during the generation of error...

3.1CVSS6.4AI score0.00026EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2025/09/15 12:0 a.m.1 views

CVE-2025-59398

The OCPP implementation in libocpp before 0.26.2 allows a denial of service EVerest crash via JSON input larger than 255 characters, because a CiString object is created with StringTooLarge set to Throw...

3.1CVSS6.3AI score0.00029EPSS
Exploits0References5
CVE
CVEadded 2025/09/15 12:0 a.m.9 views

CVE-2025-59398

Summary : CVE-2025-59398 affects the libocpp OCPP implementation prior to 0.26.2. The vulnerability arises when processing JSON input larger than 255 characters, which leads to a crash due to a CiString object created with StringTooLarge set to Throw, resulting in a denial of service (EVerest cra...

3.1CVSS6.3AI score0.00029EPSS
Exploits0References5
CNNVD
CNNVDadded 2025/09/15 12:0 a.m.1 views

libocpp 安全漏洞

libocpp is an open charge point protocol open-sourced by EVerest. A security vulnerability exists in versions of libocpp prior to 0.28.0, which stems from a minor exception thrown during error message generation that could result in a denial of service...

3.1CVSS6.3AI score0.00026EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/09/15 12:0 a.m.5 views

CVE-2025-59398

The OCPP implementation in libocpp before 0.26.2 allows a denial of service EVerest crash via JSON input larger than 255 characters, because a CiString object is created with StringTooLarge set to Throw...

3.1CVSS0.00029EPSS
Exploits0References5
Rows per page
Query Builder