Resource exhaustion in Everest Everest-core
CVE-2025-68133
EVerest is an EV charging software stack. In versions 2025.9.0 and below, an attacker can exhaust the operating system's memory and cause the module to terminate by initiating an unlimited number of TCP connections that never proceed to IS…
EPSS: 0.000 (10.4th percentile).
CVSS v3 metric
CVSS v3 base score 7.4 (High). Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H.
Affected products
- Everest Everest-core — versions < 2025.10.0
Weakness classification (CWE)
- Allocation of Resources Without Limits or Throttling
References
- https://github.com/EVerest/everest-core/security/advisories/GHSA-mv3w-pp85-5h7c (x_refsource_CONFIRM)
- https://github.com/EVerest/everest-core/commit/8127b8c54b296c4dd01b356ac26763f81f76a8fd (x_refsource_MISC)
- https://github.com/EVerest/everest-core/commit/de504f0c11069010d26767b0952739e9a400cef3 (x_refsource_MISC)
Frequently asked questions
- What is CVE-2025-68133?
  - CVE-2025-68133 is a high-severity vulnerability in Everest Everest-core, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.4/10. Published 2026-01-21.
- How severe is CVE-2025-68133?
  - High severity. CVSS v3 base score is 7.4 out of 10.