CNNVD-202601-3359 Information

CNNVD ID

CNNVD-202601-3359

Related CVE

CVE-2025-68136

• CNNVD Published: 2026-01-21

Description (Chinese)

everest-core是EVerest开源的一个电动汽车充电软件堆栈的主要部分。 everest-core 2025.10.0之前版本存在安全漏洞，该漏洞源于模块在收到SDP请求后创建新对象时未关闭和销毁先前对象，可能导致空指针取消引用。

Description (English)

Veverest-core is the main part of an electric vehicle charging software stack at the EVerest open source. There was a security loophole in the pre-everest-core 2025.10.0, which originated from the fact that the module did not close and destroy the previous object when it was created following a request from SDP, which could lead to an empty pointer cancellation of the reference.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

EVerest

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/EVerest/everest-core/security/advisories/GHSA-4h8h-x5cp-g22r https://access.redhat.com/security/cve/cve-2025-68136

Patch

https://github.com/EVerest/everest-core