CVE-2026-4374CRITICAL 9.1EPSS p14.2%

CVE-2026-4374CVE-2026-4374

Description

Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...

Scoring

CVSS 3.19.1 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS0.24% probability of exploitation · percentile 14.2% · 2026-06-19T12:03:05Z
Published2026-04-01
Last modified2026-04-21

Underlying weaknesses· 1

CWE-611

References

  1. https://www.rti.com/vulnerabilities/#cve-2026-4374

1

TypeTargetConfidenceTier
WeaknessImproper Restriction of XML External Entity Referencecwe-6110%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-14543
CVE
CVE-2025-4993
CVE
CVE-2026-8045
CVE
CVE-2025-1255
CVE
NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability
CVE
CVE-2024-5625
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.