CVE-2026-11576
- EPSS 0.26%
- Veröffentlicht 19.06.2026 08:27:59
- Zuletzt bearbeitet 02.07.2026 20:04:25
The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fx_file_close() even when the file was never suc...
CVE-2025-55102
- EPSS 0.36%
- Veröffentlicht 27.01.2026 15:25:36
- Zuletzt bearbeitet 02.04.2026 20:30:19
A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacke...
CVE-2025-55086
- EPSS 0.36%
- Veröffentlicht 20.10.2025 17:49:29
- Zuletzt bearbeitet 24.10.2025 15:46:24
In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked index extracting the server DUID from the server reply. With a crafted packet, an attacker could cause an out of ...
CVE-2025-55085
- EPSS 0.55%
- Veröffentlicht 17.10.2025 14:22:28
- Zuletzt bearbeitet 27.10.2025 14:33:47
In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.
CVE-2025-55087
- EPSS 0.42%
- Veröffentlicht 17.10.2025 06:15:34
- Zuletzt bearbeitet 24.10.2025 20:24:27
In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters.
CVE-2025-55094
- EPSS 0.37%
- Veröffentlicht 17.10.2025 05:29:00
- Zuletzt bearbeitet 24.10.2025 20:25:25
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_options() when handling a packet with ICMP6 options.
CVE-2025-55093
- EPSS 0.28%
- Veröffentlicht 17.10.2025 05:15:35
- Zuletzt bearbeitet 24.10.2025 20:23:41
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes of memory.
CVE-2025-55092
- EPSS 0.3%
- Veröffentlicht 17.10.2025 05:15:35
- Zuletzt bearbeitet 24.10.2025 20:22:11
In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option.
CVE-2025-55091
- EPSS 0.34%
- Veröffentlicht 16.10.2025 07:56:33
- Zuletzt bearbeitet 21.10.2025 17:09:46
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive() function when received an Ethernet with type set as IP but no IP data.
CVE-2025-55090
- EPSS 0.34%
- Veröffentlicht 16.10.2025 06:43:17
- Zuletzt bearbeitet 21.10.2025 17:08:50
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet.