CVE-2026-9158

UNKNOWN 0.0

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory (use-after-free).

CWE	CWE-416
Vendor	eclipse foundation
Product	eclipse 4diac
Published	Jun 18, 2026
Last Updated	Jun 18, 2026

Stay Ahead of the Next One

Get instant alerts for eclipse foundation eclipse 4diac

Be the first to know when new unknown vulnerabilities affecting eclipse foundation eclipse 4diac are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Eclipse Foundation / Eclipse 4diac

3.0.0 ≤ 3.1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

gitlab.eclipse.org: https://gitlab.eclipse.org/security/cve-assignment/-/work_items/109

Credits

Cool Klaur @klaurx