VYPR

netxduo

by Eclipse Threadx

CVEs (2)

  • CVE-2025-55084MedOct 16, 2025
    risk 0.34cvss 5.3epss 0.00

    In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field.

  • CVE-2026-11576Jun 19, 2026
    risk 0.00cvss epss 0.00

    The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fx_file_close() even when the file was never successfully opened. Multiple…