CVE-2026-8665 Rapid7 CVE debrief

Who should care

Security teams and administrators responsible for Linux systems and Rapid7 InsightConnect Translate Plugin should be aware of this vulnerability. They should prioritize patching or mitigating this vulnerability to prevent potential attacks. Additionally, security teams should monitor for potential exploitation attempts.

Technical summary

The vulnerability is caused by insufficient input sanitization in shell command construction in the TR action of Rapid7 InsightConnect Translate Plugin on Linux. An attacker can exploit this vulnerability by sending malicious input via the text or expression parameters, allowing them to execute arbitrary OS commands. The vulnerability has a CVSS score of 7.7 and is classified as HIGH severity. The CVE is related to CWE-78. The vulnerability affects Rapid7 InsightConnect Translate Plugin version up to 2.0.3.

Defensive priority

High priority should be given to patching or mitigating this vulnerability. Security teams should work with system administrators to ensure that affected systems are updated or mitigated as soon as possible.

Recommended defensive actions

• Patch or update Rapid7 InsightConnect Translate Plugin to version 2.0.4 or later.
• Implement input validation and sanitization for the text and expression parameters.
• Monitor for potential exploitation attempts and implement additional security controls as needed.
• Review and update incident response plans to address potential exploitation of this vulnerability.
• Consider implementing compensating controls, such as Web Application Firewalls (WAFs), to detect and prevent exploitation attempts.

Evidence notes

The CVE-2026-8665 vulnerability was published on June 25, 2026, and last modified on June 29, 2026. The vulnerability affects Rapid7 InsightConnect Translate Plugin version up to 2.0.3. The CVE is related to CWE-78. The vulnerability has a CVSS score of 7.7 and is classified as HIGH severity.

Official resources