CVE-2026-23955 – This vulnerability in EVerest EV charging softw... (How to Fix)

Q: What is the severity of CVE-2026-23955?

CVE-2026-23955 has a CVSS score of 4.2 (MEDIUM). This vulnerability in EVerest EV charging software allows malicious operators to read unintended memory regions (heap/stack) through pointer arithmetic errors in integer-to-string concatenation. It affects all EVerest installations prior to version 2025.9.0. The issue stems from improper error handling that exposes memory contents.

📋 TL;DR

This vulnerability in EVerest EV charging software allows malicious operators to read unintended memory regions (heap/stack) through pointer arithmetic errors in integer-to-string concatenation. It affects all EVerest installations prior to version 2025.9.0. The issue stems from improper error handling that exposes memory contents.

💻 Affected Systems

Products:

EVerest EV charging software stack

Versions: All versions prior to 2025.9.0

Operating Systems: Linux-based systems running EVerest

Default Config Vulnerable: ⚠️ Yes

Notes: Requires operator-level access to trigger the error conditions that expose memory.

📦 What is this software?

Everest by Linuxfoundation

View all CVEs affecting Everest →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sensitive memory contents including credentials, cryptographic keys, or proprietary data could be leaked to an attacker, potentially enabling further system compromise.

🟠

Likely Case

Information disclosure of memory contents that could reveal system state, configuration details, or partial data fragments useful for other attacks.

🟢

If Mitigated

Limited information exposure with no direct code execution, but still revealing potentially sensitive memory contents.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires operator access to trigger specific error conditions and knowledge of memory layout.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2025.9.0

Vendor Advisory: https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff

Restart Required: Yes

Instructions:

1. Backup current configuration and data. 2. Stop EVerest services. 3. Update to version 2025.9.0 or later using your package manager or manual installation. 4. Restart EVerest services. 5. Verify functionality.

🔧 Temporary Workarounds

Restrict operator access

all

Limit access to EVerest management interfaces to trusted personnel only

Enhanced logging and monitoring

all

Monitor for unusual error messages or memory access patterns

🧯 If You Can't Patch

Implement strict access controls to limit who can trigger error conditions
Deploy network segmentation to isolate EVerest systems from sensitive networks

🔍 How to Verify

Check if Vulnerable:

Check EVerest version using 'everest --version' or package manager query

Check Version:

everest --version

Verify Fix Applied:

Confirm version is 2025.9.0 or later and test error handling with integer values

📡 Detection & Monitoring

Log Indicators:

Unusual error messages containing memory addresses or pointer values
Repeated error conditions triggered by operators

Network Indicators:

Unusual data patterns in management interface communications

SIEM Query:

source="everest" AND (error OR exception) AND (pointer OR memory OR address)

📊 Metadata

CVE ID: CVE-2026-23955

CVSS v3 Score: 4.2 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

CWE: CWE-1046

EPSS Score: 0.01% exploit probability (1.5th percentile)

Published: January 21, 2026

Last Updated: February 6, 2026

🔗 References

https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff Vendor Advisory,Exploit

📤 Share & Export

📄 Export Markdown 📋 Export JSON