CVE Catalog

CVE-2026-9154

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.28%

19th percentile — higher than 19% of all known CVEs

Summary

Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.

Risk Assessment

The risk involves overwriting critical system or configuration files, potentially leading to privilege escalation, permanent system damage, or application takeover.

Recommendation

Immediately update the Sed Plugin to the latest version and restrict access to the expression parameter to trusted users only.

Original NVD description (English source)

Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS