CVE-2025-68138 - EVerest affected by memory exhaustion in libocpp

CVE ID : CVE-2025-68138 Published : Jan. 21, 2026, 8:16 p.m. | 1 hour, 16 minutes ago Description : EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the `strdup` calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potentially causing memory exhaustion and denial of service. Version 0.30.1 fixes the issue. Severity: 4.7 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...