OpenJDK is a free distribution of the JDK, maintained by several vendors and the community. It is a development environment for building applications, applets, and components using the Java programming language.

OpenJDK JDK

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Ubuntu is a Linux distribution based on Debian, mostly composed of free and open-source software. Ubuntu is officially released in three editions: Desktop, Server, and Core for internet of things devices and robots. All the editions can run on the computer alone or in a virtual machine.

Linux Ubuntu

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

The Amazon Linux is a supported and maintained Linux image provided by Amazon Web Services for use on Amazon Elastic Compute Cloud (Amazon EC2).

Amazon Linux

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-26740	HIGH	8.2	NixOS	java-25-openjdk-static-libs-fastdebug	No	Yes	Mar 18, 2026
CVE-2026-33636	HIGH	7.6	OpenJDK JDK	java-1.8.0-openjdk-demo-fastdebug	No	Yes	Mar 26, 2026
CVE-2026-33416	HIGH	7.5	OpenJDK JDK	java-17-openjdk-static-libs-slowdebug	No	Yes	Mar 26, 2026
CVE-2026-23865	MEDIUM	5.3	OpenJDK JDK	java-17-openjdk-javadoc-zip	No	Yes	Mar 02, 2026
CVE-2026-3713	MEDIUM	4.8	OpenJDK JDK	java-25-openjdk-crypto-adapter-fastdebug	No	Yes	Mar 08, 2026

CVE-2026-23865:
OpenJDK JDK vulnerability analysis and mitigation

5.3

Related OpenJDK JDK vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-23865: OpenJDK JDK vulnerability analysis and mitigation