Lucene search
K

59 matches found

RedhatCVE
RedhatCVE
added 2026/04/18 7:22 a.m.4 views

CVE-2026-6482

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/17 6:31 a.m.4 views

EUVD-2026-23376

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 2026/04/17 6:16 a.m.7 views

CVE-2026-6482

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/17 5:19 a.m.5 views

CVE-2026-6482

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/17 5:19 a.m.30 views

CVE-2026-6482 Local Privilege Escalation via OpenSSL configuration file in Insight Agent

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.11 views

Rapid7 Insight Agent 安全漏洞

Rapid7 Insight Agent is a lightweight software developed by Rapid7 Corporation in the United States. This software is designed to collect data from IT assets. Versions of Rapid7 Insight Agent starting from 4.1.0.2 contain security vulnerabilities. These vulnerabilities stem from the agent service...

9.3CVSS6.1AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.9 views

PT-2026-33413

The Rapid7 Insight Agent versions 4.1.0.2 is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard...

9.3CVSS5.9AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/08 6:34 p.m.4 views

EUVD-2026-20505

An eval injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to achieve remote code execution as root via a crafted beacon response. Because the Agent uses mutual TLS mTLS to verify commands from the Rapid7 Platform, it is...

6.6CVSS6.5AI score0.0041EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 3:59 p.m.2 views

CVE-2026-4837 Eval Injection in Rapid7 Insight Agent

An eval injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to achieve remote code execution as root via a crafted beacon response. Because the Agent uses mutual TLS mTLS to verify commands from the Rapid7 Platform, it is...

6.6CVSS6.5AI score0.0041EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 3:59 p.m.16 views

CVE-2026-4837

CVE-2026-4837 concerns an eval() injection in the beaconing logic of the Rapid7 Insight Agent for Linux. Reported across multiple sources, it could theoretically allow remote code execution as root via a crafted beacon response. The internal mechanism relies on mutual TLS (mTLS) to verify command...

7.2CVSS6.5AI score0.0041EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-31327

Name of the Vulnerable Software and Affected Versions Rapid7 Insight Agent versions affected versions not specified Description A flaw exists in the beaconing logic of the Rapid7 Insight Agent for Linux, potentially allowing an attacker to execute code remotely as root through a crafted beacon...

6.6CVSS6AI score0.0041EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

Rapid7 Insight Agent 安全漏洞

Rapid7 Insight Agent is a lightweight software developed by Rapid7 Corporation in the United States. This software is capable of collecting data from IT assets. Rapid7 Insight Agent has a security vulnerability, which stems from an eval function injection, potentially leading to remote code...

6.6CVSS6.1AI score0.0041EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2019-15204

Malware in sbrugna...

7.8CVSS7.7AI score0.00868EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-14339

Malware in sbrugna...

7.8CVSS7.7AI score0.00911EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-33779

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00722EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-48899

Malicious code in bioql PyPI...

3.1CVSS6.6AI score0.00177EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-33921

Malicious code in bioql PyPI...

4CVSS4.8AI score0.0022EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-33913

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00319EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-34105

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-15432

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00453EPSS
Exploits1References2
Rows per page
Query Builder