{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-27813", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-24T02:31:33.267Z", "datePublished": "2026-03-26T16:23:19.167Z", "dateUpdated": "2026-03-27T14:55:23.562Z"}, "containers": {"cna": {"title": "EVerest has use-after-free in auth timeout timer via race condition", "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "lang": "en", "description": "CWE-416: Use After Free", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/EVerest/EVerest/security/advisories/GHSA-vgmh-mmg3-22m6", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-vgmh-mmg3-22m6"}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"version": "< 2026.02.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T16:23:19.167Z"}, "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to use-after-free. This is triggered by EV plug-in/unplug and RFID/RemoteStart/OCPP authorization events (or delayed authorization response). Version 2026.2.0 contains a patch."}], "source": {"advisory": "GHSA-vgmh-mmg3-22m6", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T14:55:16.934245Z", "id": "CVE-2026-27813", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T14:55:23.562Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "EVerest has use-after-free in auth timeout timer via race condition", "source": {"advisory": "GHSA-vgmh-mmg3-22m6", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"status": "affected", "version": "< 2026.02.0"}]}], "references": [{"url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-vgmh-mmg3-22m6", "name": "https://github.com/EVerest/EVerest/security/advisories/GHSA-vgmh-mmg3-22m6", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to use-after-free. This is triggered by EV plug-in/unplug and RFID/RemoteStart/OCPP authorization events (or delayed authorization response). Version 2026.2.0 contains a patch."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-416", "description": "CWE-416: Use After Free"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-26T16:23:19.167Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-27813", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-27T14:55:16.934245Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-27T14:55:19.674Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-27813", "state": "PUBLISHED", "dateUpdated": "2026-03-26T16:23:19.167Z", "dateReserved": "2026-02-24T02:31:33.267Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-26T16:23:19.167Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linuxfoundation:everest:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB167E67-6808-4F7B-9505-FFF0C02B288C", "versionEndExcluding": "2026.02.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to use-after-free. This is triggered by EV plug-in/unplug and RFID/RemoteStart/OCPP authorization events (or delayed authorization response). Version 2026.2.0 contains a patch."}, {"lang": "es", "value": "EVerest es una pila de software de carga de VE. Las versiones anteriores a la 2026.02.0 tienen una condici\u00f3n de carrera de datos que conduce a un uso despu\u00e9s de liberaci\u00f3n. Esto se activa por eventos de conexi\u00f3n/desconexi\u00f3n de VE y eventos de autorizaci\u00f3n RFID/RemoteStart/OCPP (o respuesta de autorizaci\u00f3n retrasada). La versi\u00f3n 2026.2.0 contiene un parche."}], "id": "CVE-2026-27813", "lastModified": "2026-03-30T20:56:42.230", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 4.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-26T17:16:33.760", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/EVerest/EVerest/security/advisories/GHSA-vgmh-mmg3-22m6"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2026.02.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "everest-core", "source": "cna", "vendor": "EVerest"}, "product": "everest-core", "vendor": "everest"}], "analysis": {"en": {"generated_at": "2026-03-31T06:06:39.418667+00:00", "value": {"mitigation_remediation": ["Upgrade EVerest Core to version\u202f2026.2.0 or later"], "summary": {"action": "Apply Patch", "impact": "Potential memory corruption that can cause crashes or unstable behavior"}, "threat_synthesis": {"affected_systems": "The vulnerable product is the EVerest Core EV charging software stack. Versions prior to 2026.02.0 are affected. The stack is deployed on Linux operating systems as part of the Linux Foundation\u2019s Everest project and is identified by the vendor/product name EVerest:everest-core.", "description_and_impact": "A race condition in the authentication timeout timer of EVerest Core triggers a use\u2011after\u2011free when an electric vehicle is plugged in or unplugged, or when RFID, RemoteStart, or OCPP authorization events occur\u2014including delayed responses. The corrupted pointer may access freed memory, leading to data corruption, crashes, or unpredictable behavior, and could destabilize the stack or create conditions for further exploitation.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity. An EPSS score below 1% suggests that the likelihood of real\u2011world exploitation is low, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to trigger the race condition via plug/unplug or authorization events, which could be achieved by a device that can interact with the charging station or by an authenticated user. A patch is available in version\u202f2026.2.0."}}}}, "created": "2026-03-27T08:33:54.940301+00:00", "updated": "2026-03-31T20:08:54.277108+00:00", "vendors": ["everest", "everest$PRODUCT$everest-core"]}