Vendor CVEs
Rti
All CVEs
34 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-14543 | Cri | 0.59 | 9.1 | 0.00 | Apr 30, 2026 | Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0… | ||
| CVE-2026-4374 | Cri | 0.59 | 9.1 | 0.00 | Apr 1, 2026 | Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat... | ||
| CVE-2025-4993 | Cri | 0.59 | 9.1 | 0.00 | Sep 23, 2025 | Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.10, from 6.1.0 before 6.1.2.27, from 6.0.0 before 6.0.1.43, from 5.3.0… | ||
| CVE-2025-10450 | Hig | 0.49 | 7.5 | 0.00 | Dec 16, 2025 | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (Core Libraries) allows Sniffing Network Traffic.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.2.0 before 7.3.1. | ||
| CVE-2025-4582 | Hig | 0.46 | 7.1 | 0.00 | Sep 23, 2025 | Buffer Over-read, Off-by-one Error vulnerability in RTI Connext Professional (Core Libraries) allows File Manipulation, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.8, from 6.1.0 before 6.1.2.26, from 6.0.0 before… | ||
| CVE-2026-2394 | Med | 0.42 | 6.5 | 0.00 | Apr 1, 2026 | Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 4.3x… | ||
| CVE-2026-2674 | 0.00 | — | 0.00 | Jun 17, 2026 | Out-of-bounds Write, Out-of-bounds Write, Out-of-bounds Write vulnerability in RTI Connext Professional (Queueing Service,Core Libraries,Persistence Service) allows Overflow Buffers, Overflow Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before… | |||
| CVE-2026-30803 | 0.00 | — | 0.00 | Jun 17, 2026 | Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0. | |||
| CVE-2026-30802 | 0.00 | — | 0.00 | Jun 17, 2026 | Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0. | |||
| CVE-2026-30799 | 0.00 | — | 0.00 | Jun 17, 2026 | Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.*, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from… | |||
| CVE-2026-7300 | 0.00 | — | 0.00 | Jun 17, 2026 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Web Integration Service) allows Filter Failure through Buffer Overflow.This issue affects Connext Professional: from 7.4.0 before 7.*, from 7.0.0 before 7.3.1.3,… | |||
| CVE-2026-3894 | 0.00 | — | 0.00 | Jun 17, 2026 | Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from… | |||
| CVE-2026-2675 | 0.00 | — | 0.00 | Jun 17, 2026 | Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*,… | |||
| CVE-2026-2467 | 0.00 | — | 0.00 | Jun 17, 2026 | Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0… | |||
| CVE-2025-8410 | 0.00 | — | 0.00 | Sep 23, 2025 | Use After Free vulnerability in RTI Connext Professional (Security Plugins) allows File Manipulation.This issue affects Connext Professional: from 7.5.0 before 7.6.0. | |||
| CVE-2025-1255 | 0.00 | — | 0.00 | Sep 23, 2025 | Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9. | |||
| CVE-2025-1254 | 0.00 | — | 0.00 | May 8, 2025 | Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0… | |||
| CVE-2025-1253 | 0.00 | — | 0.00 | May 8, 2025 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Stack-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before… | |||
| CVE-2025-1252 | 0.00 | — | 0.00 | May 8, 2025 | Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from… | |||
| CVE-2024-52066 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.5, from 6.1.0 before… | |||
| CVE-2024-52065 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional on non-Windows (Persistence Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.1.2… | |||
| CVE-2024-52064 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.21, from 6.0.0 before… | |||
| CVE-2024-52063 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21,… | |||
| CVE-2024-52062 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before… | |||
| CVE-2024-52061 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Queuing Service, Recording Service, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before… | |||
| CVE-2024-52060 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This… | |||
| CVE-2024-52059 | 0.00 | — | 0.00 | Dec 13, 2024 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0… | |||
| CVE-2024-52058 | 0.00 | — | 0.01 | Dec 13, 2024 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in RTI Connext Professional (System Designer) allows OS Command Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.19. | |||
| CVE-2024-52057 | 0.00 | — | 0.00 | Dec 13, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Professional (Queuing Service) allows SQL Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before… | |||
| CVE-2024-25724 | 0.00 | — | 0.00 | May 21, 2024 | In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's… | |||
| CVE-2021-38435 | 0.00 | — | 0.01 | May 5, 2022 | RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow. | |||
| CVE-2021-38433 | 0.00 | — | 0.01 | May 5, 2022 | RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code. | |||
| CVE-2021-38427 | 0.00 | — | 0.01 | May 5, 2022 | RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code. | |||
| CVE-2021-38487 | 0.00 | — | 0.03 | May 5, 2022 | RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure. |
- risk 0.59cvss 9.1epss 0.00
Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0…
- risk 0.59cvss 9.1epss 0.00
Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...
- risk 0.59cvss 9.1epss 0.00
Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.10, from 6.1.0 before 6.1.2.27, from 6.0.0 before 6.0.1.43, from 5.3.0…
- risk 0.49cvss 7.5epss 0.00
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (Core Libraries) allows Sniffing Network Traffic.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.2.0 before 7.3.1.
- risk 0.46cvss 7.1epss 0.00
Buffer Over-read, Off-by-one Error vulnerability in RTI Connext Professional (Core Libraries) allows File Manipulation, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.8, from 6.1.0 before 6.1.2.26, from 6.0.0 before…
- risk 0.42cvss 6.5epss 0.00
Buffer Over-read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 4.3x…
- CVE-2026-2674Jun 17, 2026risk 0.00cvss —epss 0.00
Out-of-bounds Write, Out-of-bounds Write, Out-of-bounds Write vulnerability in RTI Connext Professional (Queueing Service,Core Libraries,Persistence Service) allows Overflow Buffers, Overflow Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before…
- CVE-2026-30803Jun 17, 2026risk 0.00cvss —epss 0.00
Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.
- CVE-2026-30802Jun 17, 2026risk 0.00cvss —epss 0.00
Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.
- CVE-2026-30799Jun 17, 2026risk 0.00cvss —epss 0.00
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.*, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from…
- CVE-2026-7300Jun 17, 2026risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Web Integration Service) allows Filter Failure through Buffer Overflow.This issue affects Connext Professional: from 7.4.0 before 7.*, from 7.0.0 before 7.3.1.3,…
- CVE-2026-3894Jun 17, 2026risk 0.00cvss —epss 0.00
Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from…
- CVE-2026-2675Jun 17, 2026risk 0.00cvss —epss 0.00
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*,…
- CVE-2026-2467Jun 17, 2026risk 0.00cvss —epss 0.00
Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0…
- CVE-2025-8410Sep 23, 2025risk 0.00cvss —epss 0.00
Use After Free vulnerability in RTI Connext Professional (Security Plugins) allows File Manipulation.This issue affects Connext Professional: from 7.5.0 before 7.6.0.
- CVE-2025-1255Sep 23, 2025risk 0.00cvss —epss 0.00
Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation.This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9.
- CVE-2025-1254May 8, 2025risk 0.00cvss —epss 0.00
Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0…
- CVE-2025-1253May 8, 2025risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Stack-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before…
- CVE-2025-1252May 8, 2025risk 0.00cvss —epss 0.00
Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from…
- CVE-2024-52066Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.5, from 6.1.0 before…
- CVE-2024-52065Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional on non-Windows (Persistence Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.1.2…
- CVE-2024-52064Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.21, from 6.0.0 before…
- CVE-2024-52063Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21,…
- CVE-2024-52062Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before…
- CVE-2024-52061Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Queuing Service, Recording Service, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before…
- CVE-2024-52060Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This…
- CVE-2024-52059Dec 13, 2024risk 0.00cvss —epss 0.00
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0…
- CVE-2024-52058Dec 13, 2024risk 0.00cvss —epss 0.01
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in RTI Connext Professional (System Designer) allows OS Command Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.19.
- CVE-2024-52057Dec 13, 2024risk 0.00cvss —epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Professional (Queuing Service) allows SQL Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before…
- CVE-2024-25724May 21, 2024risk 0.00cvss —epss 0.00
In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's…
- CVE-2021-38435May 5, 2022risk 0.00cvss —epss 0.01
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow.
- CVE-2021-38433May 5, 2022risk 0.00cvss —epss 0.01
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.
- CVE-2021-38427May 5, 2022risk 0.00cvss —epss 0.01
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.
- CVE-2021-38487May 5, 2022risk 0.00cvss —epss 0.03
RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.