CVE-2026-11576

Source
https://cve.org/CVERecord?id=CVE-2026-11576
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11576.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-11576
Published
2026-06-19T08:27:59.652Z
Modified
2026-07-08T07:59:44.856627732Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose() even when the file was never successfully opened. Multiple error branches jump to the shared cleanup label before any file open operation has occurred, causing fxfileclose() to operate on an uninitialized file handle, leading to undefined behavior, double-close issues, or memory corruption.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/11xxx/CVE-2026-11576.json",
    "cna_assigner": "eclipse",
    "cwe_ids": [
        "CWE-415",
        "CWE-459",
        "CWE-908"
    ]
}
References

Affected packages

Git / github.com/eclipse-threadx/netxduo

Affected ranges

Type
GIT
Repo
https://github.com/eclipse-threadx/netxduo
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ],
    "cpe": "cpe:2.3:a:eclipse:threadx_netx_duo:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "6.4.2"
        },
        {
            "last_affected": "6.5.0.202601"
        }
    ]
}

Affected versions

v.*
v.6.4.4.202503_rel
v6.*
v6.4.2_rel
v6.4.3_rel
v6.4.4.202503a
v6.4.5.202504_rel
v6.5.0.202601_rel

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-11576.json"