{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T14:31:05.799","vulnerabilities":[{"cve":{"id":"CVE-2026-33015","sourceIdentifier":"security-advisories@github.com","published":"2026-03-26T17:16:38.130","lastModified":"2026-03-31T14:20:51.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"EVerest is an EV charging software stack. Prior to version 2026.02.0, even immediately after CSMS performs a RemoteStop (StopTransaction), the EVSE can return to `PrepareCharging` via the EV's BCB toggle, allowing session restart. This breaks the irreversibility of remote stop and can bypass operational/billing/safety controls. Version 2026.02.0 contains a patch."},{"lang":"es","value":"EVerest es una pila de software de carga de vehículos eléctricos. Antes de la versión 2026.02.0, incluso inmediatamente después de que el CSMS realice un RemoteStop (StopTransaction), el EVSE puede volver a 'PrepareCharging' a través del interruptor BCB del VE, permitiendo el reinicio de la sesión. Esto rompe la irreversibilidad de la parada remota y puede eludir los controles operativos/de facturación/de seguridad. La versión 2026.02.0 contiene un parche."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L","baseScore":5.2,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.9,"impactScore":4.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linuxfoundation:everest:*:*:*:*:*:*:*:*","versionEndExcluding":"2026.02.0","matchCriteriaId":"EB167E67-6808-4F7B-9505-FFF0C02B288C"}]}]}],"references":[{"url":"https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/EVerest/EVerest/security/advisories/GHSA-pw9q-2287-cchc","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}