CNNVD-202601-3353 Information

CNNVD ID

CNNVD-202601-3353

Related CVE

CVE-2026-23955

• CNNVD Published: 2026-01-21

Description (Chinese)

everest-core是EVerest开源的一个电动汽车充电软件堆栈的主要部分。 everest-core 2025.9.0之前版本存在安全漏洞，该漏洞源于在抛出错误时将整数值与字符串字面量连接，可能导致读取意外内存区域。

Description (English)

Veverest-core is the main part of an electric vehicle charging software stack at the EVerest open source. There is a security loophole in the pre-everest-core 2025.9.0 version, which results from linking integer values to the string field at the time of the error, which may lead to an accidental memory area being read.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

EVerest

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff https://access.redhat.com/security/cve/cve-2026-23955

Patch

https://github.com/EVerest/everest-core