EUVD-2026-16218

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...

CVE-2025-68135

EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the TbdController loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers...

CVE-2026-23955

CVE-2026-23955 affects the EVerest EV charging software stack prior to version 2025.9.0. In several places, integers are concatenated to literal strings when throwing errors, causing pointer arithmetic instead of printing the integer value. This can allow a malicious operator to read unintended m...

CVE-2024-37310

EVerest is an EV charging software stack. An integer overflow in the "v2gincomingv2gtp" function in the v2gserver.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0...