These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-8662 is a Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plugin on Linux. The vulnerability allows authenticated attackers to write to unintended file paths via crafted filename input. The impact is limited to file corruption as content cannot be controlled by the attacker. The Common Vulnerability Scoring System (CVSS) score for this vulnerabilit [truncated]
CVE-2026-8666 is an OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux. The vulnerability allows remote attackers to execute arbitrary OS commands via the host, port, max_ttl, count, or time_out request parameters. This is due to insufficient input validation when constructing shell commands. The CVE has a CVSS score of 7.7 and is classified as [truncated]
CVE-2026-8665 is an OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux. The vulnerability allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction. This CVE has a CVSS score of 7.7 and is classified as HIGH severity. The vulnerability was published [truncated]
CVE-2026-8664 is an OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux. Authenticated attackers can execute arbitrary OS commands via the user or host parameters due to insufficient input validation in shell command construction. The vulnerability has a CVSS score of 6 and a severity of MEDIUM. It was published on June 25, 2026, and last modified on June 29, 2026. The CVE r [truncated]
CVE-2026-8592 is an OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux. The vulnerability allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline. This CVE was published on June 25, 2026, and has a CVSS score of 7.7, classified as HIGH. The vu [truncated]
CVE-2026-8659 is an OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux. Authenticated attackers can execute arbitrary OS commands via the 'api_host' or 'api_port' parameters during connection configuration due to insufficient input validation. This vulnerability has a CVSS score of 6, indicating a medium severity level. The CVE was published on June 25, 2026, and last modif [truncated]
CVE-2026-8795 is a high-severity vulnerability in Rapid7 Velociraptor, a threat detection and response platform. The vulnerability exists in the Windows.Collectors.Remapping artifact and allows for YAML injection attacks. An attacker can provide a crafted collection ZIP file that, when processed, injects arbitrary VQL code, leading to code execution with elevated privileges.
CVE-2026-4482 is a medium-severity vulnerability affecting Rapid7 Insight Agent. The installer certificate files have improper permissions on Windows systems, potentially exposing agent identity material to locally authenticated standard users.
CVE-2017-5235 is a DLL preloading issue affecting Rapid7 Metasploit Pro installers. According to the CVE description, an attacker could place a malicious DLL in the installer’s current working directory and influence what the installer loads. NVD rates the issue HIGH with CVSS 3.0 7.8, reflecting the potential for local code execution when a user runs the installer. Rapid7’s advisory references a fixed in [truncated]
CVE-2017-5234 affects Rapid7 Insight Collector installers prior to 1.0.16. The NVD record states that the installer may load a malicious DLL from its current working directory, which can lead to code execution when a user runs the installer. NVD rates the issue HIGH with CVSS 7.8, and the CVE was published on 2017-03-02.
CVE-2017-5233 is a DLL preloading issue in Rapid7 AppSpider Pro installers before version 6.14.053. If the installer is launched from a directory containing a malicious DLL, it may load that DLL instead of the intended library. The risk is highest during installation, where a local attacker or a user working from an untrusted directory could influence code execution.
CVE-2017-5232 is a DLL preloading weakness in Rapid7 Nexpose installers affecting versions prior to 6.4.24. If the installer is launched from a directory containing a malicious DLL with a name the installer resolves, it may load that file during installation. The issue was publicly disclosed on 2017-03-02 and carries a high CVSS 3.0 score because successful abuse can impact confidentiality, integrity, and [truncated]
CVE-2017-5231 is a directory traversal issue in Rapid7 Metasploit’s Meterpreter stdapi CommandDispatcher.cmd_download() function. A specially crafted Meterpreter build can write to an arbitrary directory on the Metasploit console using the permissions of the running Metasploit instance. CVSS is HIGH (7.1). The CVE was published on 2017-03-02 and later modified by NVD on 2026-05-13.
CVE-2017-5230 affects Rapid7 Nexpose versions prior to 6.4.50. The issue is that the Java keystore used to store saved scan credentials is protected by a static password that users cannot change, weakening the security of credentials intended to be stored on disk. Rapid7’s release notes point to 6.4.50 as the fixed version, and the NVD entry classifies the weakness as CWE-798 (Use of Hard-coded Credentials).
CVE-2017-5229 is a high-severity directory traversal issue in Rapid7 Metasploit’s Meterpreter extapi Clipboard.parse_dump() path handling. A specially crafted Meterpreter build could cause the Metasploit console to write into an arbitrary directory with the privileges of the running instance. The vulnerability was published on 2017-03-02; NVD later updated the record on 2026-05-13.
CVE-2017-5228 is a directory traversal flaw in Rapid7 Metasploit's Meterpreter stdapi Dir.download() function. Per the CVE description, an attacker using a specially crafted Meterpreter build can write to an arbitrary directory on the Metasploit console with the permissions of the running Metasploit instance. The issue was published on 2017-03-02 and carries a HIGH severity rating. Defensive focus should [truncated]