Skip to main content

Connext Micro

2 CVEs product

Monthly

CVE-2026-30803 HIGH This Week

Remote information disclosure and denial of service in RTI Connext Micro core libraries (versions 4.0.0 through 4.2.x) allow unauthenticated network attackers to trigger an integer underflow that results in an out-of-bounds buffer overread. Exploitation requires no authentication or user interaction and can leak sensitive memory contents while potentially crashing the affected process. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Integer Overflow Information Disclosure Connext Micro
NVD
CVSS 4.0
8.8
EPSS
0.3%
CVE-2026-30802 HIGH This Week

Out-of-bounds read in RTI Connext Micro Core Libraries (versions 4.0.0 up to but not including 4.3.0) allows remote unauthenticated attackers to read beyond allocated buffer boundaries, leading to limited information disclosure and a high availability impact (likely process crash of the DDS middleware). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV. The CVSS 4.0 base score of 8.8 reflects network reachability of the DDS protocol stack with no privileges or user interaction required.

Information Disclosure Buffer Overflow Connext Micro
NVD VulDB
CVSS 4.0
8.8
EPSS
0.3%
EPSS 0% CVSS 8.8
HIGH This Week

Remote information disclosure and denial of service in RTI Connext Micro core libraries (versions 4.0.0 through 4.2.x) allow unauthenticated network attackers to trigger an integer underflow that results in an out-of-bounds buffer overread. Exploitation requires no authentication or user interaction and can leak sensitive memory contents while potentially crashing the affected process. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Integer Overflow Information Disclosure Connext Micro
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Out-of-bounds read in RTI Connext Micro Core Libraries (versions 4.0.0 up to but not including 4.3.0) allows remote unauthenticated attackers to read beyond allocated buffer boundaries, leading to limited information disclosure and a high availability impact (likely process crash of the DDS middleware). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV. The CVSS 4.0 base score of 8.8 reflects network reachability of the DDS protocol stack with no privileges or user interaction required.

Information Disclosure Buffer Overflow Connext Micro
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy