CVE-2026-2675
published 2026-06-17CVE-2026-2675: Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data. Missing…
medium6CVSS 4.0
AVNACLATPPRLUINVCNVIHVANSCNSINSAN
EPSS
0.27%
18.4th percentile
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rti | connext_professional | >= 5.3.0 < 5.3.* | 5.3.* |
| rti | connext_professional | >= 6.0.0 < 6.0.* | 6.0.* |
| rti | connext_professional | >= 6.1.0 < 6.1.* | 6.1.* |
| rti | connext_professional | >= 7.0.0 < 7.3.1.3 | 7.3.1.3 |
| rti | connext_professional | >= 7.4.0 < 7.7.0 | 7.7.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
RTI Connext Professional prior 7.3.1.3/7.7.0 missing authentication
vuldb·2026-06-17
CVE-2026-2675 [CRITICAL] RTI Connext Professional prior 7.3.1.3/7.7.0 missing authentication
A vulnerability categorized as critical has been discovered in RTI Connext Professional. This vulnerability affects unknown code. Executing a manipulation can lead to missing authentication.
This vulnerability is registered as CVE-2026-2675. It is possible to launch the attack remotely. No exploit is available.
It is advisable to upgrade the affected component.
GHSA
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.
ghsa_unreviewed·2026-06-17
CVE-2026-2675 [MEDIUM] CWE-306 Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.
CVEList
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.
cvelistv5·2026-06-17·CVSS 6.0
CVE-2026-2675 [MEDIUM] CWE-306 Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-17
Published