Ubuntu
Multiple OpenJDK Versions Exposed to Remote Information Theft Vulnerabilities
First seen 3 Feb 2026, 08:35 UTC
•
•77% similarity
•65.6
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Vulnerabilities have been identified in OpenJDK versions 8, 11, and 21, as well as CRaC JDK 21. The RMI component in these versions allows unauthenticated remote attackers to establish TCP endpoint connections without proper endpoint identification, potentially leading to sensitive information theft. The issues were discovered by researcher Mingijung and are associated with CVE-2026-21925.
ThreatCluster AI