Unrated severityNVD Advisory· Published Jun 24, 2026
OS Command Injection in Rapid7 InsightConnect RPM Plugin
CVE-2026-8663
Description
OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the repo, key, or name parameters due to insufficient input sanitization in shell command construction.
Affected products
1Patches
Vulnerability mechanics
References
1- extensions.rapid7.com/extension/rpmmitrevendor-advisory
News mentions
0No linked articles in our index yet.