rapid7
Latest CVEs
The 15 most recently published vulnerabilities affecting rapid7.
- CVE-2026-8661Server-Side Cross-Site Scripting and SSRF in Rapid7 InsightConnect Markdown to PDF Plugin4.8
- CVE-2026-8658OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin6.0
- CVE-2026-8662Path Traversal in Rapid7 InsightConnect Compression Plugin3.3
- CVE-2026-8666OS Command Injection in Rapid7 InsightConnect Traceroute Plugin7.7
- CVE-2026-8592OS Command Injection in Rapid7 InsightConnect AWK Plugin7.7
- CVE-2026-8664OS Command Injection in Rapid7 InsightConnect Finger Plugin6.0
- CVE-2026-8665OS Command Injection in Rapid7 InsightConnect Translate Plugin7.7
- CVE-2026-8660OS Command Injection in Rapid7 InsightConnect Ping Plugin7.7
- CVE-2026-9153Arbitrary File Read in Rapid7 InsightConnect Sed Plugin6.5
- CVE-2026-9154Arbitrary File Write in Rapid7 InsightConnect Sed Plugin7.1
- CVE-2026-9155OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter.8.8
- CVE-2026-8659OS Command Injection in Rapid7 InsightConnect SQLmap Plugin6.0
- CVE-2026-8663OS Command Injection in Rapid7 InsightConnect RPM Plugin6.0
- CVE-2026-8795A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client_info.json inside a collection ZIP is in...7.8
- CVE-2026-6863HTTP Filestore Endpoints Misapply Permissions Across Organizations6.8