12 matches found
CVE-2026-27816
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118chargerImpl::handleupdateenergytransfermodes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...
CVE-2026-27816 EVerest's ISO15118 update_energy_transfer_modes overflow can corrupt EVSE state
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118chargerImpl::handleupdateenergytransfermodes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...
CVE-2026-27816 EVerest's ISO15118 update_energy_transfer_modes overflow can corrupt EVSE state
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118chargerImpl::handleupdateenergytransfermodes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...
CVE-2026-27816
EVerest prior to version 2026.02.0 has a buffer overflow in ISO15118_chargerImpl::handle_update_energy_transfer_modes where a variable-length list is copied into a fixed-size 6-element array without bounds checks. With default schema validation disabled, oversized MQTT Cmd payloads can cause out-...
CVE-2026-27816
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118chargerImpl::handleupdateenergytransfermodes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...
CVE-2026-27816 EVerest's ISO15118 update_energy_transfer_modes overflow can corrupt EVSE state
EVerest is an EV charging software stack. Prior to versions to 2026.02.0, ISO15118chargerImpl::handleupdateenergytransfermodes copies a variable-length list into a fixed-size array of length 6 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...
CVE-2026-26008
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access std::vector that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch...
CVE-2026-26008 EVerest has OOB via EVSE ID Indexing Mismatch in OCPP 2.0.1 UpdateAllowedEnergyTransferModes
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access std::vector that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch...
CVE-2026-26008 EVerest has OOB via EVSE ID Indexing Mismatch in OCPP 2.0.1 UpdateAllowedEnergyTransferModes
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access std::vector that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch...
EUVD-2026-16201
EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access std::vector that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch...
CVE-2026-26008
The CVE concerns EVerest EV charging software stack. Versions before 2026.02.0 expose an out-of-bounds access in a std::vector triggered by UpdateAllowedEnergyTransferModes over the network via CSMS, enabling possible remote crash or memory corruption. The issue affects the affected releases prio...
EVerest 缓冲区错误漏洞
EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contained a buffer error vulnerability. This vulnerability stems from the function ISO15118chargerImpl::handleupdateenergytransfermodes, which copies a variable-leng...