Unrated severityOSV Advisory· Published Jan 21, 2026· Updated Jan 21, 2026

EVerest's inadequate exception handling leads to denial of service

CVE-2025-68135

Description

EVerest is an EV charging software stack. Prior to version 2025.10.0, C++ exceptions are not properly handled for and by the TbdController loop, leading to its caller and itself to silently terminates. Thus, this leads to a denial of service as it is responsible of SDP and ISO15118-20 servers. Version 2025.10.0 fixes the issue.

Affected products

Everest/Everest CoreOSV
Range: 2022.12.0, 2022.12.1, 2023.1.0, …

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/EVerest/everest-core/security/advisories/GHSA-g7mm-r6qp-96vhmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000