Arbitrary File Read Vulnerability in Rapid7 InsightConnect Sed Plugin
CVE-2026-9153
6.5MEDIUM
What is CVE-2026-9153?
The Rapid7 InsightConnect Sed Plugin on Linux contains an Arbitrary File Read vulnerability that allows authenticated attackers to access sensitive files. This security issue arises from inadequate input validation associated with the expression parameter, posing a risk of unauthorized data exposure.
Affected Version(s)
InsightConnect Sed Plugin Linux 0 < 2.0.5
InsightConnect Sed Plugin Linux 2.0.5
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Sebastián Alba Vives (@Sebasteuo / 0xs4bbi), Independent security researcher, Costa Rica
