SUSE CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

CVE-2026-6918

A flaw was found in Eclipse Open9J and JITServer. A remote attacker, without needing to authenticate, can send a specially crafted 32-byte TCP message to JITServer. This action can cause JITServer to crash, leading to a Denial of Service DoS for affected systems...

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affects IBM Rational Functional Tester / DevOps Test UI

Summary There are vulnerabilities in Eclipse Jetty used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: eclipse-ecf (UTSA-2026-016602)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016602 advisory. The ServerTrustManager component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify basicConstraints and nameConstraints in X.509 certificate...

Exploit for Link Following in Microsoft

🛡️ CVE-2026-41091 - RedSun Microsoft Defender Elevation...

Astra Linux - уязвимость в jetty9

In Eclipse Jetty versions 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0alpha0 to 10.0.0.beta2, and 11.0.0alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, then if an attacker can send a request with a body that ...

Security Bulletin:DevOps Test Embedded for Eclipse IDE is vulnerable to XXE injection & RCE due to use of JGit and EGit ( CVE-2023-4759 and CVE-2025-4949)

Summary Due to the use of JGit and EGit, DevOps Test Embedded for Eclipse contains vulnerabilities that could lead to unauthorized file access via XML External Entity XXE injection, and arbitrary file overwrites on case-insensitive filesystems that can lead to Remote Code Execution RCE. This only...

Security Bulletin: Multiple Vulnerabilities affects IBM Data Studio Client 4.2.2

Summary Security Fix of multiple Vulnerabilities of IBM Data Studio Client 4.2.2. The vulnerabilities have been addressed in 4.2.2 version. Hence, IBM strongly recommends upgrading to 4.2.2. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions...

Eclipse Glassfish 代码注入漏洞

Eclipse Glassfish is an application server developed by the Eclipse Foundation. Eclipse Glassfish has a code injection vulnerability. This vulnerability stems from allowing users with panel access rights to send custom requests, thereby enabling them to execute arbitrary operating system commands...

Security Bulletin: Vulnerabilities found in Semeru Runtime affecting Business Developer

Summary There are vulnerabilities in Eclipse OMR used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...

SUSE CVE-2026-1188

In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not accounting for the separator inserted between processor features. If the output buffer supplied to this function was incorrectly sized, failing to...

Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of Eclipse Jetty

Summary Due to use of Eclipse Jetty, DevOps Test Performance and Rational Performance Tester contain potential input validation, information exposure, integer overflow, memory allocation, HTTP parsing, and URI authority validation vulnerabilities. Vulnerability Details CVEID:CVE-2022-2047...

Security Bulletin: Buffer overflow vulnerability in OMR affect Rational Business Developer

Summary There are vulnerabilities in Eclipse OMR used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...

c2birtengine

BIRT File Upload RCE – C2 over HTTPS This repository provides...

Exploit for CVE-2026-7411

CVE-2026-7411 Overview In certain versions of the Eclipse...

Eclipse Vert.x 安全漏洞

Eclipse Vert.x is a toolkit developed by the Eclipse Foundation for building responsive applications on the JVM. There is a security vulnerability in Eclipse Vert.x, which stems from the fact that the TCP client can perform TLS handshakes and present server name extensions. These server name...

Linux Distros Unpatched Vulnerability : CVE-2023-54342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to...

Linux Distros Unpatched Vulnerability : CVE-2023-54344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by...

Linux Distros Unpatched Vulnerability : CVE-2026-6918

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message. CVE-2026-6918 Note...

com.festo.aas:p4m-helpers (>=1.0.0 <=1.0.4), de.dfki.cos.basys.aas.registry:aas-registry-compatibility (=0.4.2) +12 more potentially affected by CVE-2026-7411 via org.eclipse.basyx:basyx.sdk (>=1.0.1 <=1.5.1)

org.eclipse.basyx:basyx.sdk MAVEN version =1.0.1, =1.0.0, =0.4.2, =0.5.0, =0.5.0, =0.5.0, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.5.1 Source cves: CVE-2026-7411 Source advisory: OSV:GHSA-8GPM-H2MH-36QC...