In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory (use-after-free).
References
| Link | Resource |
|---|---|
| https://gitlab.eclipse.org/security/cve-assignment/-/work_items/109 | Vendor Advisory |
Configurations
History
02 Jul 2026, 20:04
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:eclipse:4diac_forte:*:*:*:*:*:*:*:* | |
| References | () https://gitlab.eclipse.org/security/cve-assignment/-/work_items/109 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| First Time |
Eclipse 4diac Forte
Eclipse |
18 Jun 2026, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-18 14:17
Updated : 2026-07-02 20:04
NVD link : CVE-2026-9158
Mitre link : CVE-2026-9158
CVE.ORG link : CVE-2026-9158
JSON object : View
Products Affected
eclipse
- 4diac_forte
CWE
CWE-416
Use After Free
