VYPR

Velociraptor

by Velocidex

Source repositories

CVEs (6)

  • CVE-2024-10526HigNov 7, 2024
    risk 0.56cvss epss 0.00

    Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it creates the installation directory with WRITE_DACL permission to the BUILTIN\\Users group. This allows local users who are not administrators to grant themselves the Full Control…

  • CVE-2026-8795HigJun 9, 2026
    risk 0.44cvss 7.8epss 0.00

    A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client_info.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker…

  • CVE-2026-6948MedMay 4, 2026
    risk 0.32cvss 4.9epss 0.00

    Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel. This allows a compromised or rogue Velociraptor client to crash the server via out-of-memory (OOM) by sending crafted messages through the normal client…

  • CVE-2025-0914LowFeb 27, 2025
    risk 0.25cvss 3.8epss 0.00

    An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4 allowed authenticated users to execute the execve() plugin in deployments where this was explicitly forbidden by configuring the prevent_execve flag in the configuration file. This…

  • CVE-2025-14728Dec 29, 2025
    risk 0.00cvss epss 0.00

    Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to upload a file which is written outside the datastore directory. Velociraptor is normally only allowed to write in the datastore directory. The issue…

  • CVE-2022-35631Jul 29, 2022
    risk 0.00cvss epss 0.00

    On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.