CVE Catalog

CVE-2026-2675

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile - higher than 18% of all known CVEs

Summary

Missing authentication for a critical function in RTI Connext Professional (Security Plugins) allows spoofing the source of data. The vulnerability affects versions from 5.3.0 up to 7.7.0 (excluding patched releases).

Risk Assessment

An attacker can impersonate a trusted data source, compromising the integrity and authenticity of information in real-time systems.

Recommendation

Immediately update RTI Connext Professional to version 7.7.0, 7.3.1.3, or later, following available security patches.

Original NVD description (English source)

Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS