{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23995", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-19T18:49:20.658Z", "datePublished": "2026-03-26T14:36:30.551Z", "dateUpdated": "2026-03-26T18:48:26.145Z"}, "containers": {"cna": {"title": "EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ", "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "lang": "en", "description": "CWE-121: Stack-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/EVerest/EVerest/security/advisories/GHSA-p47c-2jpr-mpwx", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-p47c-2jpr-mpwx"}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"version": "< 2026.02.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T14:36:30.551Z"}, "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adjacent stack data and enabling potential code execution. A malicious or misconfigured interface name can trigger this before any privilege checks. Version 2026.02.0 contains a patch."}], "source": {"advisory": "GHSA-p47c-2jpr-mpwx", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-26T18:48:18.083239Z", "id": "CVE-2026-23995", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:48:26.145Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23995", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-26T18:48:18.083239Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-26T18:48:22.737Z"}}], "cna": {"title": "EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ", "source": {"advisory": "GHSA-p47c-2jpr-mpwx", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"status": "affected", "version": "< 2026.02.0"}]}], "references": [{"url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-p47c-2jpr-mpwx", "name": "https://github.com/EVerest/EVerest/security/advisories/GHSA-p47c-2jpr-mpwx", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adjacent stack data and enabling potential code execution. A malicious or misconfigured interface name can trigger this before any privilege checks. Version 2026.02.0 contains a patch."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121: Stack-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T14:36:30.551Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23995", "state": "PUBLISHED", "dateUpdated": "2026-03-26T18:48:26.145Z", "dateReserved": "2026-01-19T18:49:20.658Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T14:36:30.551Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linuxfoundation:everest:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB167E67-6808-4F7B-9505-FFF0C02B288C", "versionEndExcluding": "2026.02.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adjacent stack data and enabling potential code execution. A malicious or misconfigured interface name can trigger this before any privilege checks. Version 2026.02.0 contains a patch."}, {"lang": "es", "value": "EVerest es una pila de software de carga de VE. Antes de la versi\u00f3n 2026.02.0, desbordamiento de b\u00fafer basado en pila en la inicializaci\u00f3n de la interfaz CAN: pasar un nombre de interfaz m\u00e1s largo que IFNAMSIZ (16) a las rutinas de apertura de CAN desborda 'ifreq.ifr_name', corrompiendo datos adyacentes de la pila y permitiendo la ejecuci\u00f3n potencial de c\u00f3digo. Un nombre de interfaz malicioso o mal configurado puede activar esto antes de cualquier verificaci\u00f3n de privilegios. La versi\u00f3n 2026.02.0 contiene un parche."}], "id": "CVE-2026-23995", "lastModified": "2026-03-31T13:49:39.677", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-26T15:16:32.137", "references": [{"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-p47c-2jpr-mpwx"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.02.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "everest-core", "source": "cna", "vendor": "EVerest"}, "product": "everest-core", "vendor": "everest"}], "analysis": {"en": {"generated_at": "2026-03-31T16:06:55.554927+00:00", "value": {"mitigation_remediation": ["Update EVerest everest-core to version\u00a02026.02.0 or newer to apply the official patch."], "summary": {"action": "Immediate Patch", "impact": "Potential code execution via buffer overflow"}, "threat_synthesis": {"affected_systems": "The vulnerability affects all releases of the EVerest everest\u2011core component before version\u00a02026.02.0. Users running the EV charging software stack on Linux platforms that use these older versions are exposed. The problem resides in the CAN interface handling logic of the core package.", "description_and_impact": "The bug is a stack-based buffer overflow in the CAN interface initialization routine of the EVerest core stack. When an interface name longer than the IFNAMSIZ constant (16 characters) is passed to the CAN open function, the ifreq.ifr_name field overflows and corrupts neighboring stack data, potentially allowing an attacker to overwrite return pointers or other control data. This flaw can lead to arbitrary code execution before any privilege checks, and is classified as CWE\u2011121.", "risk_and_exploitability": "The CVSS score of 8.4 indicates high severity, yet the EPSS score is below 1%, implying low current exploitation probability. It is not listed in the CISA KEV catalog. Based on the description, the issue is exploitable by an adversary able to supply a malformed CAN interface name, which is likely achievable via local configuration or a misconfigured network interface that the software auto\u2011detects. Because the overflow occurs before privilege checks, the attacker could gain code execution with the privileges of the running EVerest process."}}}}, "created": "2026-03-27T08:34:07.723904+00:00", "updated": "2026-03-31T20:09:01.925661+00:00", "vendors": ["everest", "everest$PRODUCT$everest-core"]}