CNNVD-202601-3446 Information

Jan 21, 2026 cve

CNNVD ID

CNNVD-202601-3446

CVE-2025-68133

  • CNNVD Published: 2026-01-21

Description (Chinese)

everest-core是EVerest开源的一个电动汽车充电软件堆栈的主要部分。 everest-core 2025.10.0之前版本存在安全漏洞,该漏洞源于攻击者可通过发起无限数量的TCP连接来耗尽操作系统内存,可能导致模块终止。

Description (English)

Veverest-core is the main part of an electric vehicle charging software stack at the EVerest open source. There was a security loophole in the pre-everest-core 2025.10.0, which stemmed from the fact that the attackers could exhaust the operating system by launching an unlimited number of TCP connections, which could lead to the termination of the module.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

EVerest

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/EVerest/everest-core/commit/8127b8c54b296c4dd01b356ac26763f81f76a8fd https://github.com/EVerest/everest-core/security/advisories/GHSA-mv3w-pp85-5h7c https://github.com/EVerest/everest-core/commit/de504f0c11069010d26767b0952739e9a400cef3 https://access.redhat.com/security/cve/cve-2025-68133

Patch

https://github.com/EVerest/everest-core

Share on: