T
TraceWithin
Eclipse

Jetty Vulnerabilities

Security vulnerability tracking for Eclipse Jetty

Last updated: Mar 5, 2026
Total CVEs

1

Critical

0

With Exploits

2

Last 30 Days

0

Vulnerability Timeline

1 vulnerabilities discovered over time for Jetty

Severity Distribution

Critical0
0%
High1
100%
Medium1
100%
Low0
0%
AllCriticalHighMediumLow
DescriptionVendor / ProductExploit Status
CVE-2026-16057.5

This vulnerability allows an attacker to cause a memory leak on servers using specific versions of Eclipse Jetty by sending a compressed HTTP request that isn't met with a compressed response. For this to happen, the server must be configured to handle gzip-encoded requests, but fail to respond with gzip-encoded data.

eclipsejetty
Exploit Available
about 1 month agoMar 5, 2026

About Eclipse Jetty Security

This page provides comprehensive security vulnerability tracking for Eclipse Jetty. Our database includes all CVEs affecting this product, updated in real-time from official sources.

Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.

Security Recommendations

  • • Always keep Jetty updated to the latest version
  • • Subscribe to security advisories from Eclipse
  • • Monitor this page for new vulnerabilities affecting your version
  • • Prioritize patching critical and high severity issues immediately
Subscribe to RSS Feed →View All Eclipse Products →