CVE-2026-7300 | Buffer Copy without Checking Size of Input ('Classic Buffer … | CVSS 8.8 HIGH

Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Web Integration Service) allows Filter Failure through Buffer Overflow.This issue affects Connext Professional: from 7.4.0 before 7.*, from 7.0.0 before 7.3.1.3, from 6.1.2 before 6.1.*.

Metadata

CVE ID: CVE-2026-7300
State: PUBLISHED
Assigner: RTI
Reserved: 2026-04-28 11:35 UTC
Published: 2026-06-17 17:20 UTC
Last updated: 2026-06-17 18:00 UTC
Primary CWE: CWE-120
CWE-120 Buffer Copy without Checking Size of Input ('Classic…
Vendor / Product: RTI / Connext Professional
Sources: cve.org · NVD

Severity & Metrics

8.8 HIGH CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

SSVC — CISA Coordinator

Exploitation: none
Automatable: yes
Tech. Impact: partial

Affected products (1)

Vendor	Product	Platform	Versions
RTI	Connext Professional	—	7.4.0 < 7., 7.0.0 < 7.3.1.3, 6.1.2 < 6.1.

Weakness (CWE)

CWE	Source	Description
CWE-120	cna	CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS scores (2)

Score	Severity	Version	Source	Vector
8.8	HIGH	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
8.8	HIGH	4.0	cna	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

References (1)

https://www.rti.com/vulnerabilities/#cve-2026-7300