linuxfoundation

523 tracked vulnerabilities.

CVE-2026-33009 HIGH
EVerest: MQTT Switch-Phases Command Data Race Causing Charger State Corruptio
Mar 26, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-29044 MEDIUM
EVerest: Charging Continues When WithdrawAuthorization Is Processed Before TransactionStarted
Mar 26, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-27828 HIGH
EVerest: ISO15118 session_setup use-after-free can crash EVSE process
Mar 26, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-27816 CRITICAL
EVerest's ISO15118 update_energy_transfer_modes overflow can corrupt EVSE state
Mar 26, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-27815 CRITICAL
EVerest: ISO15118 session_setup payment options overflow can corrupt EVSE state
Mar 26, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-27814 MEDIUM
EVerest EvseManager phase-switch path has unsynchronized shared-state access race condition
Mar 26, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-27813 MEDIUM
EVerest has use-after-free in auth timeout timer via race condition
Mar 26, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-26074 HIGH
EVerest: OCPP201 startup event_queue lock mismatch leads to std::map/std::queue data race
Mar 26, 2026
CVSS 7.0
EPSS 0.00
CVE-2026-26073 MEDIUM
EVerest: OCPP 1.6 heap corruption caused by lock-free insertion in event_queue
Mar 26, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-26072 MEDIUM
EVerest has race-condition-induced std::map corruption in OCPP 1.6 evse_soc_map
Mar 26, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-26071 MEDIUM
EVerest: OCPP 2.0.1 EVCCID Data Race Leads to Heap Use‑After‑Free
Mar 26, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-26070 MEDIUM
EVerest: OCPP 2.0.1 EV SoC Update Race Causes Charge Point Crash
Mar 26, 2026
CVSS 4.6
EPSS 0.00
CVE-2026-26008 HIGH
EVerest has OOB via EVSE ID Indexing Mismatch in OCPP 2.0.1 UpdateAllowedEnergyTransferModes
Mar 26, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-23995 HIGH
EVerest has stack buffer overflow in ifreq.ifr_name when interface name exceeds IFNAMSIZ
Mar 26, 2026
CVSS 8.4
EPSS 0.00
CVE-2026-22790 HIGH
EVerest's unchecked SLAC payload length causes stack overflow in HomeplugMessage::setup_payload
Mar 26, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-22593 HIGH
EVerest has off-by-one stack buffer overflow in IsoMux certificate filename parsing
Mar 26, 2026
CVSS 8.4
EPSS 0.00
CVE-2026-33249 MEDIUM
NATS: Message tracing can be redirected to arbitrary subject
Mar 25, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-33248 MEDIUM
NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching
Mar 25, 2026
CVSS 4.2
EPSS 0.00
CVE-2026-33223 MEDIUM
NATS Server: Incomplete Stripping of Nats-Request-Info Header Allows Identity Spoofing
Mar 25, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-33222 MEDIUM
NATS JetStream has an authorization bypass through its Management API
Mar 25, 2026
CVSS 4.9
EPSS 0.00
CVE-2026-33247 HIGH
NATS credentials are exposed in monitoring port via command-line argv
Mar 25, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-33246 MEDIUM
NATS: Leafnode connections allow spoofing of Nats-Request-Info identity headers
Mar 25, 2026
CVSS 6.4
EPSS 0.00
CVE-2026-33219 MEDIUM
NATS is vulnerable to pre-auth DoS through WebSockets client service
Mar 25, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-33218 HIGH
NATS has pre-auth server panic via leafnode handling
Mar 25, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-33217 HIGH
NATS allows MQTT clients to bypass ACL checks
Mar 25, 2026
CVSS 7.1
EPSS 0.00
Products
yocto 114 pytorch 31 everest 29 nats-server 24 harbor 23 magma 22 containerd 16 runc 16 iot-yocto 15 cups-filters 14 backstage 13 dragonfly 13 open_network_operating_system 11 onnx 10 ceph 8 kubeedge 8 spinnaker 8 tekton_pipelines 8 automotive_grade_linux 6 cubefs 6 edge_virtualization_engine 5 foomatic-filters 5 osquery 5 dex 4 grpc_swift 4 indy-node 4 materialx 4 opendaylight 4 rekor 4 the_update_framework 4
Quick Filters
Critical CVEs With Exploits In CISA KEV