POV: you demo a vulnerability on stage in 2019, release a full exploitation tool (V2GInjector), present it at conferences and then get silent for some years...

...and in 2025 it finally gets a CVE because someone else reported it to CISA 💀

At least they credited us. Thanks CISA 🤝

CVE-2025-12357 — SLAC MitM on ISO 15118-2 EV charging. CVSS 8.3.
AKA "the HPGP standard is broken by design, we told you so."
https://www.cve.org/CVERecord?id=CVE-2025-12357