CVE-2025-62600 eprosima Fast DDS affected by Out-of-Memory in readBinaryPropertySeq via Manipulated DATA Submessage when DDS Security is enabled

🗓️ 03 Feb 2026 19:11:19Reported by GitHub_MType

CVE-2025-62600: FastDDS OOM when security is enabled and DATA Submessage in SPDP is tampered.

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2025-62600	3 Feb 202619:11	–	attackerkb
CNNVD	Fast-DDS 输入验证错误漏洞	3 Feb 202600:00	–	cnnvd
CVE	CVE-2025-62600	3 Feb 202619:11	–	cve
Debian CVE	CVE-2025-62600	3 Feb 202619:11	–	debiancve
EUVD	EUVD-2025-206677	3 Feb 202619:11	–	euvd
NVD	CVE-2025-62600	3 Feb 202619:16	–	nvd
OSV	CVE-2025-62600 FastDDS has Out-of-Memory in readPropertySeq via Manipulated DATA Submessage when DDS Security is enabled	3 Feb 202619:11	–	osv
OSV	DEBIAN-CVE-2025-62600	3 Feb 202619:16	–	osv
OSV	UBUNTU-CVE-2025-62600	3 Feb 202619:16	–	osv
Positive Technologies	PT-2025-54585	1 Jan 202500:00	–	ptsecurity

[
  {
    "vendor": "eProsima",
    "product": "Fast-DDS",
    "versions": [
      {
        "version": "< 2.6.11",
        "status": "affected"
      },
      {
        "version": ">= 2.7.0, < 2.14.6",
        "status": "affected"
      },
      {
        "version": ">= 3.0.0, < 3.2.4",
        "status": "affected"
      },
      {
        "version": ">= 3.3.0, < 3.3.1",
        "status": "affected"
      },
      {
        "version": ">= 3.4.0, < 3.4.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/eProsima/Fast-DDS/security/advisories/GHSA-hvm8-mm7f-m6hc

09 Apr 2026 18:04Current

CVSS 3.18.6

EPSS0.00025