CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

194 matches found

Rapid7 Blog•added 2026/02/09 7:0 p.m.•8 views

Vulnerability Found in InsightVM & Nexpose: CVE-2026-1814 (FIXED)

We are grateful to the research team at Atredis for sharing their findings around a vulnerability CVE-2026-1814 impacting our vulnerability management offerings InsightVM and Nexpose. We have identified a fix that addresses this vulnerability and will be delivered via a Security Console product...

6.8CVSS5.6AI score0.00006EPSS

Exploits0

RedhatCVE•added 2026/02/04 7:27 p.m.•3 views

CVE-2026-1568

Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Consumer Service ACS cloud endpoint that could allow an attacker to gain unauthorized access to InsightVM accounts setup via "Security Console" installations, resulting in full account takeover. The...

9.6CVSS5.4AI score0.00021EPSS

Exploits0References1

NVD•added 2026/02/03 5:15 p.m.•5 views

CVE-2026-1568

9.6CVSS0.00021EPSS

Exploits0References1

Cvelist•added 2026/02/03 4:47 p.m.•26 views

CVE-2026-1568 Rapid7 InsightVM Signature Validation Vulnerability

9.6CVSS0.00021EPSS

Exploits0References1

EUVD•added 2026/02/03 4:47 p.m.•3 views

EUVD-2026-5244

9.6CVSS5.4AI score0.00021EPSS

Exploits0References1

Vulnrichment•added 2026/02/03 4:47 p.m.•3 views

CVE-2026-1568 Rapid7 InsightVM Signature Validation Vulnerability

9.6CVSS5.4AI score0.00021EPSS

Exploits0References1

ATTACKERKB•added 2026/02/03 4:47 p.m.•3 views

CVE-2026-1568

9.6CVSS5.4AI score0.00021EPSS

Exploits0References2

CVE•added 2026/02/03 4:47 p.m.•11 views

CVE-2026-1568

Rapid7 InsightVM is affected. In affected releases prior to 8.34.0, a signature verification flaw exists on the ACS cloud endpoint used in the Security Console installations. This flaw allows an attacker to process unsigned assertions and issue session cookies that grant access to targeted user a...

9.6CVSS5.4AI score0.00021EPSS

Exploits0References1

CNNVD•added 2026/02/03 12:0 a.m.•4 views

Rapid7 InsightVM 安全漏洞

Rapid7 InsightVM is a vulnerability scanning and management application developed by Rapid7, Inc. Versions of Rapid7 InsightVM prior to 8.34.0 contain security vulnerabilities. These vulnerabilities stem from issues with signature verification at the cloud point of the consumer service. As a...

9.6CVSS5.8AI score0.00021EPSS

Exploits0References2

Positive Technologies•added 2026/02/03 12:0 a.m.•4 views

PT-2026-6046

Name of the Vulnerable Software and Affected Versions Rapid7 InsightVM versions prior to 8.34.0 Description Rapid7 InsightVM installations utilizing the "Security Console" setup are susceptible to a signature verification flaw on the Assertion Consumer Service ACS cloud endpoint. This issue allow...

9.6CVSS5.5AI score0.00021EPSS

Exploits0References6

Snyk•added 2026/01/16 4:43 p.m.•2 views

Malicious Package

Overview insightvm-ui-nav-menus is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS6.8AI score

Exploits0References2

EUVD•added 2026/01/16 12:10 a.m.•3 views

EUVD-2026-3070

Malicious code in insightvm-ui-nav-menus npm...

6.6AI score

Exploits0References1

OSV•added 2026/01/16 12:10 a.m.•3 views

MAL-2026-288 Malicious code in insightvm-ui-nav-menus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f24e901eb03445094160df9df30313f817015ba26cdd09e82d4f527261acda35 The package insightvm-ui-nav-menus was found to contain malicious code. Source: ghsa-malware...

6.8AI score

Exploits0References1