CNNVD-202601-3363 Information

CNNVD ID

CNNVD-202601-3363

Related CVE

CVE-2025-68134

• CNNVD Published: 2026-01-21

Description (Chinese)

everest-core是EVerest开源的一个电动汽车充电软件堆栈的主要部分。 everest-core 2025.10.0之前版本存在输入验证错误漏洞，该漏洞源于使用assert函数处理错误，可能导致模块崩溃并引发拒绝服务。

Description (English)

Veverest-core is the main part of an electric vehicle charging software stack at the EVerest open source. The pre-everest-core 2025.10.0.0 version has an input authentication error loophole, which arises from the use of the assert function to process errors, which may cause a module to collapse and trigger a denial of service.

Hazard Level

Medium

Vulnerability Type

输入验证错误

Affected Vendor

EVerest

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/EVerest/everest-core/security/advisories/GHSA-cxc5-rrj5-8pf3 https://access.redhat.com/security/cve/cve-2025-68134

Patch

https://github.com/EVerest/everest-core