VYPR

Libocpp

by Everest

Source repositories

CVEs (3)

  • CVE-2025-59399LowSep 15, 2025
    risk 0.13cvss 3.1epss 0.00

    libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is thrown during error message generation.

  • CVE-2025-59398LowSep 15, 2025
    risk 0.13cvss 3.1epss 0.00

    The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString<255> object is created with StringTooLarge set to Throw.

  • CVE-2025-68138Jan 21, 2026
    risk 0.00cvss epss 0.00

    EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the `strdup` calls are never freed. At each connection attempt, the newly allocated memory area will…