Known Vulnerabilities for products from Eclipse

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Eclipse".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-46580 json		Not Provided	2026-06-18	2026-06-19
CVE-2026-44691 json		Not Provided	2026-06-18	2026-06-19
CVE-2026-44688 json		Not Provided	2026-06-18	2026-06-19
CVE-2026-27509 json		Not Provided	2026-02-26	2026-05-26
CVE-2026-22886 json	OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ship...	Not Provided	2026-03-03	2026-04-09
CVE-2026-22551 json		Not Provided	2026-06-18	2026-06-18
CVE-2026-11576 json		Not Provided	2026-06-19	2026-06-19
CVE-2026-9158 json		Not Provided	2026-06-18	2026-06-18
CVE-2026-7412 json		Not Provided	2026-05-05	2026-05-06
CVE-2026-7411 json		Not Provided	2026-05-05	2026-05-06
CVE-2026-6918 json	In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafte...	Not Provided	2026-05-05	2026-05-05
CVE-2026-6860 json	A TCP client can perform a TLS handshake and present the server name extension with a server name that is accepted by a serve...	Not Provided	2026-05-06	2026-05-12
CVE-2026-5795 json	In Eclipse Jetty, the class JASPIAuthenticator initiates the authentication checks, which set two ThreadLocal variable. Upo...	Not Provided	2026-04-08	2026-04-23
CVE-2026-2587 json	A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by t...	Not Provided	2026-05-19	2026-05-21
CVE-2026-2586 json	An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with ...	Not Provided	2026-05-19	2026-05-21
CVE-2026-2332 json	In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funk...	Not Provided	2026-04-14	2026-05-01
CVE-2026-0648 json	The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/utility/rtos_comp...	Not Provided	2026-01-27	2026-04-02
CVE-2025-55102 json	A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially cr...	Not Provided	2026-01-27	2026-04-02
CVE-2025-55095 json	The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When ...	Not Provided	2026-01-27	2026-04-02
CVE-2024-9342 json	In Eclipse GlassFish versions before 8.0.3 it is possible to perform Login Brute Force attacks as there is no limitation in t...	Not Provided	2025-07-16	2026-06-18

Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Eclipse

Type	Vendor	Product	Version
Application	Eclipse	Buildship	3.1.1
Application	Eclipse	Business Intelligence And Reporting Tools	1.0.0
Application	Eclipse	Californium	1.0.0
Application	Eclipse	Che	4.0.0
Application	Eclipse	Eclipse Ide	1.0
Application	Eclipse	Egit	-
Application	Eclipse	Hawkbit	0.2.0
Application	Eclipse	Hono	0.9
Application	Eclipse	Jetty	10.0.0
Application	Eclipse	Jgit	-
Application	Eclipse	Kura	2.0.2
Application	Eclipse	Memory Analyzer	1.9.1
Application	Eclipse	Mojarra	1.2-20
Application	Eclipse	Mosquitto	0.1
Application	Eclipse	Omr	-
Application	Eclipse	Openj9	0.0
Application	Eclipse	Paho Java Client	1.2.0
Application	Eclipse	Rdf4j	1.0.0
Application	Eclipse	Theia	0.0.1
Application	Eclipse	Tinydtls	0.8.1

Results limited to 20 most recent known configurations