Every CVE whose affected-product data names Eclipse Omr, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-1188 — CVSS 9.8 (critical): In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor…
CVE-2025-14549 — CVSS 8.1 (high): In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse OpenJ9 consumers of OMR on Z processors…
CVE-2019-11773 — CVSS 7.8 (high): Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
CVE-2025-1471 — CVSS 7.8 (high): In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the…
CVE-2019-11774 — CVSS 7.4 (high): Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop…
CVE-2025-1470 — CVSS 5.5 (medium): In Eclipse OMR, from the initial contribution to version 0.4.0, some OMR internal port library and utilities consumers of z/OS atoe…