Eclipse Cyclone Data Distribution Service — known CVE vulnerabilities
Every CVE whose affected-product data names Eclipse Cyclone Data Distribution Service, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-67109 — CVSS 10.0 (critical): Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and…
CVE-2024-10838 — CVSS 9.1 (critical): An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result into…
CVE-2020-18734 — CVSS 7.5 (high): A stack buffer overflow in /ddsi/q_bitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.
CVE-2020-18735 — CVSS 7.5 (high): A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.