CVE-2026-2467
Published: 17 June 2026
Summary
CVE-2026-2467 is a critical-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Rti (inferred from references). Its CVSS base score is 9.2 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 10.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-37770
Vulnerability details
Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from…
more
5.0.0 before 5.2.*.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Heap buffer overflow (CWE-122) directly enables remote exploitation for code execution or privilege escalation in a networked middleware library.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.