HIGHCVE-2026-4374Published Modified CNA RTI
CVE-2026-4374: Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...
Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...
Metrics
- CVSS v4.0
- 8.8
- Severity
- HIGH
- Fixed in
- 5.3.*
- Affected Products
- 1
Fix available
5.3.*6.0.*6.1.*7.3.1.17.7.0
Affected packages
- RTI / Connext Professional< 7.7.0 (from 7.4.0) · < 7.3.1.1 (from 7.1.0) · < 6.1.* (from 6.1.0) · < 6.0.* (from 6.0.0) · < 5.3.* (from 5.3.0)
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:NReferences