CVE-2026-1568

Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Consumer Service ACS cloud endpoint that could allow an attacker to gain unauthorized access to InsightVM accounts setup via "Security Console" installations, resulting in full account takeover. The...

Rapid7 InsightVM跨站脚本漏洞

Rapid7 InsightVM is a vulnerability scanning and management application from Rapid7 USA. A cross-site scripting vulnerability exists in Rapid7 InsightVM 0.5.9 and prior versions, which allows an authenticated user to embed executable code in a malicious upload...