CVE-2026-23955 - Vulnerability Details - OpenCVE

EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be used by malicious operator to read unintended memory regions, including the heap and the stack. Version 2025.9.0 fixes the issue.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation poc

Automatable no

Technical Impact partial

No data.

No data.

No data.

No data.

References

Link	Providers
https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff

History

Wed, 21 Jan 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 21 Jan 2026 19:45:00 +0000

Type	Values Removed	Values Added
Description		EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be used by malicious operator to read unintended memory regions, including the heap and the stack. Version 2025.9.0 fixes the issue.
Title		EVerest vulnerable to concatenation of strings literal and integers
Weaknesses		CWE-1046
References		https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff
Metrics		cvssV3_1 `{'score': 4.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-01-21T19:25:12.104Z

Updated: 2026-01-21T19:53:57.098Z

Reserved: 2026-01-19T14:49:06.312Z

Link: CVE-2026-23955

Vulnrichment

Updated: 2026-01-21T19:53:51.057Z

NVD

Status : Received

Published: 2026-01-21T20:16:12.517

Modified: 2026-01-21T20:16:12.517

Link: CVE-2026-23955

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23955", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-19T14:49:06.312Z", "datePublished": "2026-01-21T19:25:12.104Z", "dateUpdated": "2026-01-21T19:53:57.098Z"}, "containers": {"cna": {"title": "EVerest vulnerable to concatenation of strings literal and integers", "problemTypes": [{"descriptions": [{"cweId": "CWE-1046", "lang": "en", "description": "CWE-1046: Creation of Immutable Text Using String Concatenation", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff"}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"version": "< 2025.9.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-21T19:25:12.104Z"}, "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be used by malicious operator to read unintended memory regions, including the heap and the stack. Version 2025.9.0 fixes the issue."}], "source": {"advisory": "GHSA-px57-jx97-hrff", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-21T19:53:45.367515Z", "id": "CVE-2026-23955", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-21T19:53:57.098Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23955", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-21T19:53:45.367515Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-21T19:53:51.057Z"}}], "cna": {"title": "EVerest vulnerable to concatenation of strings literal and integers", "source": {"advisory": "GHSA-px57-jx97-hrff", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "EVerest", "product": "everest-core", "versions": [{"status": "affected", "version": "< 2025.9.0"}]}], "references": [{"url": "https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff", "name": "https://github.com/EVerest/everest-core/security/advisories/GHSA-px57-jx97-hrff", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "EVerest is an EV charging software stack. Prior to version 2025.9.0, in several places, integer values are concatenated to literal strings when throwing errors. This results in pointers arithmetic instead of printing the integer value as expected, like most of interpreted languages. This can be used by malicious operator to read unintended memory regions, including the heap and the stack. Version 2025.9.0 fixes the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1046", "description": "CWE-1046: Creation of Immutable Text Using String Concatenation"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-21T19:25:12.104Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23955", "state": "PUBLISHED", "dateUpdated": "2026-01-21T19:53:57.098Z", "dateReserved": "2026-01-19T14:49:06.312Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-21T19:25:12.104Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}