5 matches found
CVE-2026-22790
EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...
CVE-2026-22790
EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...
CVE-2026-22790
EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...
CVE-2026-22790 EVerest's unchecked SLAC payload length causes stack overflow in HomeplugMessage::setup_payload
EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...
PT-2026-28328
Name of the Vulnerable Software and Affected Versions EVerest versions prior to 2026.02.0 Description EVerest is an EV charging software stack. Prior to version 2026.02.0, the HomeplugMessage::setup payload function trusts the len variable after an assert check. In release builds, this check is...