Buffer Overflow Vulnerability in Eclipse OMR Port Library
CVE-2026-1188

6.9MEDIUM

Key Information:

Vendor: Eclipse Foundation
Status: Eclipse Omr
Vendor: CVE Published:; 29 January 2026

🔔 Create Eclipse Foundation Vulnerability Alert

What is CVE-2026-1188?

In the Eclipse OMR port library component, an API function responsible for returning textual names of supported processor features had a vulnerability due to incorrect handling of output buffer sizes. Specifically, the function did not properly account for separators between features, which could lead to a buffer overflow when a malicious actor inputs values that exceed the allocated buffer size. This flaw was addressed in Eclipse OMR version 0.8.0, enforcing better checks to prevent buffer overflows and ensuring system integrity.

Affected Version(s)

Eclipse OMR 0.2.0 < 0.8.0

References

https://github.com/eclipse-omr/omr/pull/8082

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 29, 2026
Vulnerability Reserved
Jan 19, 2026

Credit

Daryl Maier

CVE-2026-1188 Data

JSON