Fast-DDS — Vulnerabilities & Security Advisories 21

All 21 CVE vulnerabilities found in Fast-DDS, with AI-generated Chinese analysis, references, and POCs.

Vendor: eProsima

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-64438 | Fast-DDS: Unbounded GAP range triggers OOM DoS under RELIABLE QoS | CWE-835 | 7.5 (AI) | High (AI) | 2026-02-03 |
| CVE-2025-64098 | FastDDS has Out-of-memory in readOctetVector via Manipulated DATA Submessage when DDS Security is enabled | CWE-125 | 7.5 (AI) | High (AI) | 2026-02-03 |
| CVE-2025-62799 | FastDDS's heap buffer overflow in RTPS DATA_FRAG enables unauthenticated DoS (potential RCE) | CWE-122 | 9.8 (AI) | Critical (AI) | 2026-02-03 |
| CVE-2025-62603 | FastDDS has Out-of-memory while parsing GenericMessage when DDS Security is enabled | CWE-125 | 9.8 (AI) | Critical (AI) | 2026-02-03 |
| CVE-2025-62602 | FastDDS has heap buffer overflow in readData via Manipulated DATA Submessage when DDS Security is enabled | CWE-122 | 7.5 (AI) | High (AI) | 2026-02-03 |
| CVE-2025-62601 | FastDDS has heap buffer overflow in readString via Manipulated DATA Submessage when DDS Security is enabled | CWE-122 | 7.5 (AI) | High (AI) | 2026-02-03 |
| CVE-2025-62600 | eprosima Fast DDS affected by Out-of-Memory in readBinaryPropertySeq via Manipulated DATA Submessage when DDS Security is enabled | CWE-190 | 8.6 | High | 2026-02-03 |
| CVE-2025-62599 | eprosima Fast DDS affected by Out-of-Memory in readPropertySeq via Manipulated DATA Submessage when DDS Security is enabled | CWE-190 | 8.6 | High | 2026-02-03 |
| CVE-2025-24807 | Fast DDS does not verify Permissions CA | CWE-345 | 9.1 | - | 2025-02-11 |
| CVE-2024-30259 | FastDDS heap buffer overflow when publisher sends malformed packet | CWE-120 | 8.2 | High | 2024-05-13 |
| CVE-2024-30258 | FastDDS crash when publisher send malformed packet | CWE-20 | 8.2 | High | 2024-05-13 |
| CVE-2024-28231 | Manipulated DATA Submessage causes a heap-buffer-overflow error | CWE-122 | 9.7 | Critical | 2024-03-20 |
| CVE-2023-50716 | Invalid DATA_FRAG Submessage causes a bad-free error | CWE-416 | 9.7 | Critical | 2024-03-06 |
| CVE-2023-50257 | Disconnect Vulnerability in RTPS Packets Used by SROS2 | CWE-284 | 9.7 | Critical | 2024-02-19 |
| CVE-2023-42459 | Malformed DATA submessage leads to bad-free error in Fast-DDS | CWE-415 | 8.6 | High | 2023-10-16 |
| CVE-2023-39949 | Improper validation of sequence numbers leading to remotely reachable assertion failure | CWE-617 | 7.5 | High | 2023-08-11 |
| CVE-2023-39948 | Uncaught fastcdr exception (Unexpected CDR type received) crashing fastdds | CWE-248 | 7.5 | High | 2023-08-11 |
| CVE-2023-39947 | Another heap overflow in push_back_helper | CWE-122 | 8.2 | High | 2023-08-11 |
| CVE-2023-39946 | Heap overflow in push_back_helper due to a CDR message | CWE-122 | 8.2 | High | 2023-08-11 |
| CVE-2023-39945 | Malformed serialized data in a data submessage leads to unhandled exception | CWE-248 | 8.2 | High | 2023-08-11 |
| CVE-2023-39534 | Malformed GAP submessage triggers assertion failure | CWE-617 | 7.5 | High | 2023-08-11 |

All 21 known CVE vulnerabilities affecting Fast-DDS with full Chinese analysis, references, and POCs where available.