Is Eclipse Jetty 11.0.26 patched?
Current stable (12.1.10): 100/100
11.0.26 has 2 open critical-or-high vulnerabilities. Run 11.0.28 or later to clear them. See what 11.0.28 fixes →
Summary iPlain-English security status for Eclipse Jetty 11.0.26, built from its CVEs, active-exploitation data, end-of-life date and latest release.
Eclipse Jetty 11.0.26 is part of the 11.0 release line. 3 known vulnerabilities affect it. The minimum safe version is 11.0.28 — upgrade to it or later to clear the open critical/high issues. The latest supported Eclipse Jetty release is 12.1.10.
Known issues affecting 11.0.26
Exploited first, then by exploitation probability.
CVE-2026-5795 HIGH EPSS 0% → fixed in 12.1.8 CVE-2026-2332 HIGH EPSS 0% → fixed in 12.1.7 CVE-2025-11143 LOW EPSS 0% → fixed in 12.1.5Other Eclipse Jetty versions
Check another release line of Eclipse Jetty.
Frequently asked
Is Eclipse Jetty 11.0.26 patched?
Eclipse Jetty 11.0.26 has 2 open critical-or-high vulnerabilities. The minimum safe version is 11.0.28 — upgrade to 11.0.28 or later to clear them.
What version should I upgrade Eclipse Jetty 11.0.26 to?
Upgrade Eclipse Jetty 11.0.26 to at least 11.0.28 to clear its 2 open critical-or-high vulnerabilities.
What is the latest version of Eclipse Jetty?
The latest supported Eclipse Jetty release is 12.1.10.
Is Eclipse Jetty 11.0.26 still receiving security updates?
Yes — the 11.0 line is still supported and receiving security updates. The latest release is 12.1.10.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Eclipse's official advisory before you patch or upgrade — Eclipse Jetty official site ↗