CVE-2026-2675
Received
Received - Intake
BaseFortify
Publication date: 2026-06-17
Last updated on: 2026-06-17
Assigner: RTI
Description
Description
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rti | connext_professional | From 7.4.0 (inc) to 7.7.0 (exc) |
| rti | connext_professional | From 7.0.0 (inc) to 7.3.1.3 (exc) |
| rti | connext_professional | From 6.1.0 (inc) to 6.1.* (exc) |
| rti | connext_professional | From 6.0.0 (inc) to 6.0.* (exc) |
| rti | connext_professional | From 5.3.0 (inc) to 5.3.* (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
