Skip to content
Threat Feed

Product

Jetty

4 briefs RSS
high advisory

Eclipse Jetty: Multiple Vulnerabilities Including Arbitrary Code Execution

An authenticated remote attacker can exploit multiple vulnerabilities in Eclipse Jetty to achieve arbitrary code execution, bypass security measures, or perform an HTTP cache poisoning attack, necessitating immediate patching and enhanced monitoring of Jetty instances.

Jetty vulnerability webserver RCE authentication-bypass cache-poisoning eclipse-jetty
2t
medium threat

Unusual Child Process Execution from Linux Web Servers

This rule detects unusual child process executions originating from web server processes on Linux systems, which attackers may use to maintain persistence on a compromised system by exploiting web server vulnerabilities.

Jira +20 persistence execution command_and_control initial_access linux webserver
2r 4t
medium threat

Suspicious Command Execution via Web Server on Linux

Identifies suspicious command executions via a web server on Linux systems, which may suggest a vulnerability and remote shell access.

Elastic Defend +43 persistence initial-access vulnerability linux
2r 3t
high advisory

Eclipse Jetty JASPIAuthenticator ThreadLocal Privilege Escalation (CVE-2026-5795)

Eclipse Jetty is vulnerable to broken access control and privilege escalation due to improper handling of ThreadLocal variables within the JASPIAuthenticator, potentially leading to unauthorized access.

Jetty privilege escalation webserver cve-2026-5795
2r 1t 1c