CVE-2026-2675
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk18th percentile - higher than 18% of all known CVEs
Summary
Missing authentication for a critical function in RTI Connext Professional (Security Plugins) allows spoofing the source of data. The vulnerability affects versions from 5.3.0 up to 7.7.0 (excluding patched releases).
Risk Assessment
An attacker can impersonate a trusted data source, compromising the integrity and authenticity of information in real-time systems.
Recommendation
Immediately update RTI Connext Professional to version 7.7.0, 7.3.1.3, or later, following available security patches.
Original NVD description (English source)
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.

