RHEL 10 : java-21-ibm-semeru-certified-jdk (RHSA-2026:22328)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22328 advisory. The IBM Semeru Runtime Certified Edition 21 runtime environment. Security Fixes: freetype: Information disclosure or denial of service via...

Eclipse Open9J: Denial of Service in JITServer via crafted TCP message

A flaw was found in Eclipse Open9J and JITServer. A remote attacker, without needing to authenticate, can send a specially crafted 32-byte TCP message to JITServer. This action can cause JITServer to crash, leading to a Denial of Service DoS for affected systems...

SUSE CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

CVE-2026-6918

A flaw was found in Eclipse Open9J and JITServer. A remote attacker, without needing to authenticate, can send a specially crafted 32-byte TCP message to JITServer. This action can cause JITServer to crash, leading to a Denial of Service DoS for affected systems...

Linux Distros Unpatched Vulnerability : CVE-2026-6918

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message. CVE-2026-6918 Note...

CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

EUVD-2026-27315

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

CVE-2026-6918

CVE-2026-6918 affects Eclipse OpenJ9/JITServer. Versions 0.21–0.58 are vulnerable to a pre-auth remote crash triggered by a 32-byte crafted TCP message. The description does not provide exploit details or remediation. No further concrete impact or patch information is available in the connected d...

Eclipse OpenJ9 缓冲区错误漏洞

Eclipse OpenJ9 is a Java application engine developed by the Eclipse Foundation. This product is primarily used for running Java applications. Versions of Eclipse OpenJ9 from 0.21 to 0.58 contain a buffer error vulnerability. This vulnerability allows pre-authenticated remote attackers to cause t...

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution RCE attacks. A malicious user can pass bad arguments to the ServerAddDOMFastPathHelper method in JITServer.cpp which causes an out-of-bound write leading to arbitrary code execution...