Vulnerability Details CVE-2026-4374
Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.9%
CVSS Severity
CVSS v3 Score 9.1
Products affected by CVE-2026-4374
-
cpe:2.3:a:rti:connext_professional:5.3.0
-
cpe:2.3:a:rti:connext_professional:5.3.1.40
-
cpe:2.3:a:rti:connext_professional:5.3.1.41
-
cpe:2.3:a:rti:connext_professional:5.3.1.44
-
cpe:2.3:a:rti:connext_professional:5.3.1.45
-
cpe:2.3:a:rti:connext_professional:6.0.0
-
cpe:2.3:a:rti:connext_professional:6.0.1.25
-
cpe:2.3:a:rti:connext_professional:6.0.1.35
-
cpe:2.3:a:rti:connext_professional:6.0.1.40
-
cpe:2.3:a:rti:connext_professional:6.1.0
-
cpe:2.3:a:rti:connext_professional:6.1.1
-
cpe:2.3:a:rti:connext_professional:6.1.1.2
-
cpe:2.3:a:rti:connext_professional:6.1.2.17
-
cpe:2.3:a:rti:connext_professional:6.1.2.19
-
cpe:2.3:a:rti:connext_professional:6.1.2.21
-
cpe:2.3:a:rti:connext_professional:6.1.2.23
-
cpe:2.3:a:rti:connext_professional:6.1.2.26
-
cpe:2.3:a:rti:connext_professional:6.1.2.27
-
cpe:2.3:a:rti:connext_professional:7.0.0
-
cpe:2.3:a:rti:connext_professional:7.1.0
-
cpe:2.3:a:rti:connext_professional:7.2.0
-
cpe:2.3:a:rti:connext_professional:7.3.0
-
cpe:2.3:a:rti:connext_professional:7.3.0.10
-
cpe:2.3:a:rti:connext_professional:7.3.0.2
-
cpe:2.3:a:rti:connext_professional:7.3.0.5
-
cpe:2.3:a:rti:connext_professional:7.3.0.7
-
cpe:2.3:a:rti:connext_professional:7.3.0.8
-
cpe:2.3:a:rti:connext_professional:7.3.0.9
-
cpe:2.3:a:rti:connext_professional:7.4.0
-
cpe:2.3:a:rti:connext_professional:7.5.0
-
cpe:2.3:a:rti:connext_professional:7.6.0