Unrated severityNVD Advisory· Published Jun 25, 2026

OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter.

CVE-2026-9155

Description

OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation.

Affected products

Rapid7/InsightConnect Sed Pluginllm-fuzzy

Patches

Vulnerability mechanics

References

extensions.rapid7.com/extension/sedmitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000