CVE-2026-9153
- EPSS 0.31%
- Veröffentlicht 25.06.2026 00:33:02
- Zuletzt bearbeitet 27.06.2026 19:26:38
Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.
CVE-2026-9154
- EPSS 0.28%
- Veröffentlicht 25.06.2026 00:29:29
- Zuletzt bearbeitet 27.06.2026 19:25:30
Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.
CVE-2026-9155
- EPSS 0.92%
- Veröffentlicht 25.06.2026 00:25:22
- Zuletzt bearbeitet 27.06.2026 19:24:54
OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation.
CVE-2026-5958
- EPSS 0.14%
- Veröffentlicht 20.04.2026 11:59:32
- Zuletzt bearbeitet 19.05.2026 15:17:37
When sed is invoked with both -i (in-place edit) and --follow-symlinks, the function open_next_file() performs two separate, non-atomic filesystem operations on the same path: 1. resolves symlink to its target and stores the resolved path for determ...