Vulnerabilidades en Rapid7
100 resultadosCVE-2026-6863MEDIUMHTTP Filestore Endpoints Misapply Permissions Across OrganizationsEPSS 0.2%CVE-2024-0394HIGHRapid7 Minerva Armor Privilege EscalationEPSS 0.2%CVE-2022-35631—Filesystem race on temporary filesEPSS 0.2%CVE-2026-6290HIGHVelociraptor Query() Plugin Misapplies Permissions To OrgsEPSS 0.2%CVE-2026-8662LOWPath Traversal in Rapid7 InsightConnect Compression PluginEPSS 0.2%CVE-2021-4016MEDIUMRapid7 Insight Agent Improper Access ControlEPSS 0.2%CVE-2025-0914LOWVelociraptor Shell Plugin Prevent_execve BypassEPSS 0.2%CVE-2024-2745LOWRapid7 InsightVM Sensitive Information Exposure via URLEPSS 0.2%CVE-2026-6482HIGHLocal Privilege Escalation via OpenSSL configuration file in Insight AgentEPSS 0.2%CVE-2024-8042LOWRapid7 Insight Platform Unauthorized Empty Group CreationEPSS 0.2%CVE-2024-3185MEDIUMRapid7 Insight Agent Sensitive Key Exposed To Local UsersEPSS 0.2%CVE-2026-7373HIGHMetasploit Pro on Windows: Local Privilege Escalation via OpenSSL Configuration File LoadingEPSS 0.2%CVE-2024-10526HIGHRapid7 Velociraptor Local Privilege Escalation In Windows Velociraptor ServiceEPSS 0.2%CVE-2025-4951MEDIUMEditions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName" fieldEPSS 0.2%CVE-2026-8795HIGHA YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostnamEPSS 0.1%CVE-2026-1814MEDIUMRapid7 Nexpose Insecure Java Keystore Password GenerationEPSS 0.1%CVE-2026-1568CRITICALRapid7 InsightVM Signature Validation VulnerabilityEPSS 0.1%CVE-2025-36857LOWRapid7 Appspider Broken Access Control VulnerabilityEPSS 0.1%CVE-2025-11195LOWRapid7 AppSpider Project Name Validation BypassEPSS 0.1%CVE-2026-4482MEDIUMInsight Agent Private Key Information Disclosure via Inherited File PermissionsEPSS 0.1%