In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message.
CVSS Score
8.7
EPSS Score
0.004
Published
2026-05-05
In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.
CVSS Score
7.0
EPSS Score
0.002
Published
2025-05-09