Vulnerability Details CVE-2026-6918
In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message.
Exploit prediction scoring system (EPSS) score
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2026-6918
-
cpe:2.3:a:eclipse:openj9:0.21.0
-
cpe:2.3:a:eclipse:openj9:0.22.0
-
cpe:2.3:a:eclipse:openj9:0.23.0
-
cpe:2.3:a:eclipse:openj9:0.24.0
-
cpe:2.3:a:eclipse:openj9:0.25.0
-
cpe:2.3:a:eclipse:openj9:0.26.0
-
cpe:2.3:a:eclipse:openj9:0.27.0
-
cpe:2.3:a:eclipse:openj9:0.27.1
-
cpe:2.3:a:eclipse:openj9:0.28.0
-
cpe:2.3:a:eclipse:openj9:0.29.0
-
cpe:2.3:a:eclipse:openj9:0.29.1
-
cpe:2.3:a:eclipse:openj9:0.30.0
-
cpe:2.3:a:eclipse:openj9:0.30.1
-
cpe:2.3:a:eclipse:openj9:0.31.0
-
cpe:2.3:a:eclipse:openj9:0.32.0
-
cpe:2.3:a:eclipse:openj9:0.33.0
-
cpe:2.3:a:eclipse:openj9:0.33.1
-
cpe:2.3:a:eclipse:openj9:0.35.0
-
cpe:2.3:a:eclipse:openj9:0.36.0
-
cpe:2.3:a:eclipse:openj9:0.36.1
-
cpe:2.3:a:eclipse:openj9:0.37.0
-
cpe:2.3:a:eclipse:openj9:0.38.0
-
cpe:2.3:a:eclipse:openj9:0.39.0
-
cpe:2.3:a:eclipse:openj9:0.40.0
-
cpe:2.3:a:eclipse:openj9:0.41.0
-
cpe:2.3:a:eclipse:openj9:0.42.0
-
cpe:2.3:a:eclipse:openj9:0.43.0
-
cpe:2.3:a:eclipse:openj9:0.44.0
-
cpe:2.3:a:eclipse:openj9:0.45.0
-
cpe:2.3:a:eclipse:openj9:0.46.0
-
cpe:2.3:a:eclipse:openj9:0.46.1
-
cpe:2.3:a:eclipse:openj9:0.47.0
-
cpe:2.3:a:eclipse:openj9:0.48.0
-
cpe:2.3:a:eclipse:openj9:0.49.0
-
cpe:2.3:a:eclipse:openj9:0.51.0
-
cpe:2.3:a:eclipse:openj9:0.53.0
-
cpe:2.3:a:eclipse:openj9:0.54.0
-
cpe:2.3:a:eclipse:openj9:0.55.0
-
cpe:2.3:a:eclipse:openj9:0.56.0