Eprosima
Products
3- 28 CVEs
- 2 CVEs
- 2 CVEs
Recent CVEs
32| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-62600 | Hig | 0.56 | 8.6 | 0.00 | Feb 3, 2026 | eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a… | ||
| CVE-2025-62599 | Hig | 0.56 | 8.6 | 0.00 | Feb 3, 2026 | eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a… | ||
| CVE-2025-63548 | Hig | 0.49 | 7.5 | 0.00 | May 1, 2026 | An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet specially crafted to bear a non-valid value in any Boolean field. | ||
| CVE-2025-63547 | Hig | 0.49 | 7.5 | 0.00 | May 1, 2026 | An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted packet to the MTU length field | ||
| CVE-2024-26369 | Hig | 0.49 | 7.5 | 0.01 | Mar 19, 2024 | An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads to a SIGABRT (signal abort) upon receiving DataWriter's data. | ||
| CVE-2025-64438 | 0.00 | — | 0.01 | Feb 3, 2026 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory (OOM) denial-of-service exists in Fast -DDS when processing RTPS GAP… | |||
| CVE-2025-64098 | 0.00 | — | 0.00 | Feb 3, 2026 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes… | |||
| CVE-2025-62799 | 0.00 | — | 0.00 | Feb 3, 2026 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An un authenticated sender can transmit a… | |||
| CVE-2025-62603 | 0.00 | — | 0.01 | Feb 3, 2026 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after… | |||
| CVE-2025-62602 | 0.00 | — | 0.00 | Feb 3, 2026 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes… | |||
| CVE-2025-62601 | 0.00 | — | 0.01 | Feb 3, 2026 | Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes… | |||
| CVE-2025-65865 | 0.00 | — | 0.00 | Dec 23, 2025 | An integer overflow in eProsima Fast-DDS v3.3 allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||
| CVE-2025-67108 | 0.00 | — | 0.00 | Dec 23, 2025 | eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections. | |||
| CVE-2025-63829 | 0.00 | — | 0.00 | Nov 18, 2025 | eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow in the Time_t:: fraction() function. | |||
| CVE-2025-24807 | 0.00 | — | 0.00 | Feb 11, 2025 | eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date… | |||
| CVE-2024-30259 | 0.00 | — | 0.01 | May 13, 2024 | FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed `RTPS` packet, heap buffer overflow occurs on the subscriber. This can… | |||
| CVE-2024-30258 | 0.00 | — | 0.01 | May 13, 2024 | FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed `RTPS` packet, the subscriber crashes when creating `pthread`. This can… | |||
| CVE-2024-30916 | 0.00 | — | 0.00 | Apr 11, 2024 | An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component. | |||
| CVE-2024-30917 | 0.00 | — | 0.00 | Apr 11, 2024 | An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted history_depth parameter in DurabilityService QoS component. | |||
| CVE-2024-28231 | 0.00 | — | 0.01 | Mar 20, 2024 | eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the… |
- risk 0.56cvss 8.6epss 0.00
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a…
- risk 0.56cvss 8.6epss 0.00
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to 2.6.11, 2.14.6, 3.2.4, 3.3.1, and 3.4.1, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a…
- risk 0.49cvss 7.5epss 0.00
An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet specially crafted to bear a non-valid value in any Boolean field.
- risk 0.49cvss 7.5epss 0.00
An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted packet to the MTU length field
- risk 0.49cvss 7.5epss 0.01
An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x, v2.10.x, and v2.6.x leads to a SIGABRT (signal abort) upon receiving DataWriter's data.
- CVE-2025-64438Feb 3, 2026risk 0.00cvss —epss 0.01
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory (OOM) denial-of-service exists in Fast -DDS when processing RTPS GAP…
- CVE-2025-64098Feb 3, 2026risk 0.00cvss —epss 0.00
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes…
- CVE-2025-62799Feb 3, 2026risk 0.00cvss —epss 0.00
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An un authenticated sender can transmit a…
- CVE-2025-62603Feb 3, 2026risk 0.00cvss —epss 0.01
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after…
- CVE-2025-62602Feb 3, 2026risk 0.00cvss —epss 0.00
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes…
- CVE-2025-62601Feb 3, 2026risk 0.00cvss —epss 0.01
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes…
- CVE-2025-65865Dec 23, 2025risk 0.00cvss —epss 0.00
An integer overflow in eProsima Fast-DDS v3.3 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-67108Dec 23, 2025risk 0.00cvss —epss 0.00
eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.
- CVE-2025-63829Nov 18, 2025risk 0.00cvss —epss 0.00
eProsima Fast-DDS v3.3 and before has an infinite loop vulnerability caused by integer overflow in the Time_t:: fraction() function.
- CVE-2025-24807Feb 11, 2025risk 0.00cvss —epss 0.00
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date…
- CVE-2024-30259May 13, 2024risk 0.00cvss —epss 0.01
FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves malformed `RTPS` packet, heap buffer overflow occurs on the subscriber. This can…
- CVE-2024-30258May 13, 2024risk 0.00cvss —epss 0.01
FastDDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.14.1, 2.13.5, 2.10.4, and 2.6.8, when a publisher serves a malformed `RTPS` packet, the subscriber crashes when creating `pthread`. This can…
- CVE-2024-30916Apr 11, 2024risk 0.00cvss —epss 0.00
An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component.
- CVE-2024-30917Apr 11, 2024risk 0.00cvss —epss 0.00
An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted history_depth parameter in DurabilityService QoS component.
- CVE-2024-28231Mar 20, 2024risk 0.00cvss —epss 0.01
eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.14.0, 2.13.4, 2.12.3, 2.10.4, and 2.6.8, manipulated DATA Submessage can cause a heap overflow error in the Fast-DDS process, causing the…