NextGuard
UNKNOWNCVE-2026-22593

EVerest has off-by-one stack buffer overflow in IsoMux certificate filename parsing

Platform

other

Component

everest-core

Fixed in

2026.02.0

View on NVD

EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling causes a stack-based buffer overflow when a filename length equals `MAX_FILE_NAME_LENGTH` (100). A crafted filename in the certificate directory can overflow `file_names[idx]`, corrupting stack state and enabling potential code execution. Version 2026.02.0 contains a patch.

How to fix

Actualice EVerest a la versión 2026.02.0 o posterior. Esta versión contiene una corrección para el desbordamiento de búfer basado en pila en el manejo de nombres de archivo de certificado IsoMux.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free