CVE-2025-67111

HIGH

Objectcomputing Opendds < 3.33.0 - Integer Overflow

Title source: rule

Description

An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service (DoS) via a crafted message.

References (2)

[Third Party Advisory] https://gist.github.com/lkloliver/fcc5da83b4cba137ce95177a9afc4126

[Broken Link] https://github.com/lkloliver/poc/blob/main/POC_OpenDDS.md

Scores

CVSS v3 7.5

EPSS 0.0014

EPSS Percentile 32.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (1)

objectcomputing/opendds < 3.33.0

Published Dec 23, 2025

Tracked Since Feb 18, 2026