Unrated severityNVD Advisory· Published Jun 25, 2026
OS Command Injection in Rapid7 InsightConnect SQLmap Plugin
CVE-2026-8659
Description
OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation.
Affected products
1Patches
Vulnerability mechanics
References
1- extensions.rapid7.com/extension/sqlmapmitrevendor-advisory
News mentions
0No linked articles in our index yet.