Known Vulnerabilities for products from Eclipse
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Eclipse".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-22886 json | OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ship... | Not Provided | 2026-03-03 | 2026-04-09 |
| CVE-2026-5795 json | Not Provided | 2026-04-08 | 2026-04-08 | |
| CVE-2026-2332 json | Not Provided | 2026-04-14 | 2026-04-15 | |
| CVE-2026-0648 json | The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/utility/rtos_comp... | Not Provided | 2026-01-27 | 2026-04-02 |
| CVE-2025-55102 json | A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially cr... | Not Provided | 2026-01-27 | 2026-04-02 |
| CVE-2025-55095 json | The function _ux_host_class_storage_media_mount() is responsible for mounting partitions on a USB mass storage device. When ... | Not Provided | 2026-01-27 | 2026-04-02 |
| CVE-2023-44487 json | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many stre... | 7.5 - HIGH | 2023-10-10 | 2024-02-02 |
| CVE-2023-41900 json | Jetty is a Java based web server and servlet engine. Versions 9.4.21 through 9.4.51, 10.0.15, and 11.0.15 are vulnerable to w... | 4.3 - MEDIUM | 2023-09-15 | 2023-11-10 |
| CVE-2023-41034 json | Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser` and `Default... | 9.8 - CRITICAL | 2023-08-31 | 2023-09-06 |
| CVE-2023-40167 json | Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts th... | 5.3 - MEDIUM | 2023-09-15 | 2023-10-13 |
| CVE-2023-36479 json | Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very spe... | 4.3 - MEDIUM | 2023-09-15 | 2023-10-16 |
| CVE-2023-36478 json | Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.... | 7.5 - HIGH | 2023-10-10 | 2023-11-16 |
| CVE-2023-32081 json | Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client. From versions 3.1... | 6.5 - MEDIUM | 2023-05-12 | 2023-05-24 |
| CVE-2023-28366 json | The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client s... | 7.5 - HIGH | 2023-09-01 | 2024-01-07 |
| CVE-2023-26049 json | Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle coo... | 5.3 - MEDIUM | 2023-04-18 | 2024-02-01 |
| CVE-2023-26048 json | Jetty is a java based web server and servlet engine. In affected versions servlets with multipart support (e.g. annotated wit... | 5.3 - MEDIUM | 2023-04-18 | 2023-09-30 |
| CVE-2023-24815 json | Vert.x-Web is a set of building blocks for building web applications in the java programming language. When running vertx web... | 5.3 - MEDIUM | 2023-02-09 | 2023-02-17 |
| CVE-2023-5763 json | In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attac... | 9.8 - CRITICAL | 2023-11-03 | 2023-11-13 |
| CVE-2023-5632 json | In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes... | 7.5 - HIGH | 2023-10-18 | 2023-10-25 |
| CVE-2023-4760 json | In Eclipse RAP versions from 3.0.0 up to and including 3.25.0, Remote Code Execution is possible on Windows when using the Fi... | 9.8 - CRITICAL | 2023-09-21 | 2023-09-26 |
Known software with vulnerabilities from Eclipse
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Eclipse | Buildship | 3.1.1 |
| Application | Eclipse | Business Intelligence And Reporting Tools | 1.0.0 |
| Application | Eclipse | Californium | 1.0.0 |
| Application | Eclipse | Che | 4.0.0 |
| Application | Eclipse | Eclipse Ide | 1.0 |
| Application | Eclipse | Egit | - |
| Application | Eclipse | Hawkbit | 0.2.0 |
| Application | Eclipse | Hono | 0.9 |
| Application | Eclipse | Jetty | 10.0.0 |
| Application | Eclipse | Jgit | - |
| Application | Eclipse | Kura | 2.0.2 |
| Application | Eclipse | Memory Analyzer | 1.9.1 |
| Application | Eclipse | Mojarra | 1.2-20 |
| Application | Eclipse | Mosquitto | 0.1 |
| Application | Eclipse | Omr | - |
| Application | Eclipse | Openj9 | 0.0 |
| Application | Eclipse | Paho Java Client | 1.2.0 |
| Application | Eclipse | Rdf4j | 1.0.0 |
| Application | Eclipse | Theia | 0.0.1 |
| Application | Eclipse | Tinydtls | 0.8.1 |