InsightConnect Sed Plugin

CVEs (5)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2026-9153	Rapid7 InsightConnect Sed Plugin	—	—	Jun 25, 2026	Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.
CVE-2026-9154	Rapid7 InsightConnect Sed Plugin	—	—	Jun 25, 2026	Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.
CVE-2026-9155	Rapid7 InsightConnect Sed Plugin	—	—	Jun 25, 2026	OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation.
CVE-2026-8659	Rapid7 InsightConnect Sed Plugin	—	—	Jun 25, 2026	OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation.
CVE-2026-8663	Rapid7 InsightConnect Sed Plugin	—	—	Jun 24, 2026	OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the repo, key, or name parameters due to insufficient input sanitization in shell command construction.

CVE-2026-9153Jun 25, 2026
Rapid7
InsightConnect Sed Plugin
risk 0.00cvss —epss —
Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.
CVE-2026-9154Jun 25, 2026
Rapid7
InsightConnect Sed Plugin
risk 0.00cvss —epss —
Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.
CVE-2026-9155Jun 25, 2026
Rapid7
InsightConnect Sed Plugin
risk 0.00cvss —epss —
OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation.
CVE-2026-8659Jun 25, 2026
Rapid7
InsightConnect Sed Plugin
risk 0.00cvss —epss —
OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation.
CVE-2026-8663Jun 24, 2026
Rapid7
InsightConnect Sed Plugin
risk 0.00cvss —epss —
OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the repo, key, or name parameters due to insufficient input sanitization in shell command construction.