Eclipse Threadx Netx Duo — known CVE vulnerabilities
Every CVE whose affected-product data names Eclipse Threadx Netx Duo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2025-55086 — CVSS 9.8 (critical): In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked…
CVE-2025-55081 — CVSS 9.1 (critical): In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length…
CVE-2025-0727 — CVSS 7.5 (high): In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a…
CVE-2025-0728 — CVSS 7.5 (high): In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a…
CVE-2025-2258 — CVSS 7.5 (high): In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer…
CVE-2025-2259 — CVSS 7.5 (high): In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a…
CVE-2025-55087 — CVSS 7.5 (high): In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by…
CVE-2026-11576 — CVSS 7.5 (high): The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared…
CVE-2025-55102 — CVSS 7.5 (high): A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network…
CVE-2025-55094 — CVSS 7.5 (high): In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in…
CVE-2025-55085 — CVSS 7.5 (high): In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header…
CVE-2025-2260 — CVSS 7.5 (high): In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause a denial of service by specially…
CVE-2025-0726 — CVSS 7.5 (high): In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause a denial of service by specially…
CVE-2024-2452 — CVSS 7.0 (high): In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer…
CVE-2025-55090 — CVSS 6.5 (medium): In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in…
CVE-2025-55091 — CVSS 6.5 (medium): In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in…
CVE-2025-55092 — CVSS 5.3 (medium): In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of…
CVE-2025-55093 — CVSS 5.3 (medium): In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in…
CVE-2025-55084 — CVSS 5.3 (medium): In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clie…
CVE-2025-55083 — CVSS 5.3 (medium): In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two…
CVE-2025-55082 — CVSS 5.3 (medium): In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in…