Impact
The bug is a stack-based buffer overflow in the CAN interface initialization routine of the EVerest core stack. When an interface name longer than the IFNAMSIZ constant (16 characters) is passed to the CAN open function, the ifreq.ifr_name field overflows and corrupts neighboring stack data, potentially allowing an attacker to overwrite return pointers or other control data. This flaw can lead to arbitrary code execution before any privilege checks, and is classified as CWE‑121.
Affected Systems
The vulnerability affects all releases of the EVerest everest‑core component before version 2026.02.0. Users running the EV charging software stack on Linux platforms that use these older versions are exposed. The problem resides in the CAN interface handling logic of the core package.
Risk and Exploitability
The CVSS score of 8.4 indicates high severity, yet the EPSS score is below 1%, implying a low current probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the issue is exploitable by an adversary able to supply a malformed CAN interface name, which is likely achievable via local configuration or a misconfigured network interface that the software auto‑detects. Because the overflow occurs before privilege checks, the attacker could gain code execution with the privileges of the running EVerest process.
OpenCVE Enrichment