Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
9.8 CRITICAL
CVE-2026-8665 — OS Command Injection in Rapid7 InsightConnect Translate Plugin

OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters d…

linux_kernel insightconnect_translate | Remote | Injection
Jun 25, 2026 Jun 29, 2026
Jun 25, 2026
Jun 29, 2026
8.8 HIGH
CVE-2026-8664 — OS Command Injection in Rapid7 InsightConnect Finger Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the user or host parameters due to insufficient …

insightconnect_finger | Remote | Injection
Jun 25, 2026 Jun 29, 2026
Jun 25, 2026
Jun 29, 2026
9.8 CRITICAL
CVE-2026-8660 — OS Command Injection in Rapid7 InsightConnect Ping Plugin

OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host parameter due to insufficient…

linux_kernel insightconnect_ping | Remote | Injection
Jun 25, 2026 Jun 29, 2026
Jun 25, 2026
Jun 29, 2026
9.8 CRITICAL
CVE-2026-8592 — OS Command Injection in Rapid7 InsightConnect AWK Plugin

OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parame…

linux_kernel insightconnect_awk | Remote | Injection
Jun 25, 2026 Jun 29, 2026
Jun 25, 2026
Jun 29, 2026
8.8 HIGH
CVE-2026-9155 — OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter.

OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input …

linux_kernel sed | Remote | Injection
Jun 25, 2026 Jun 27, 2026
Jun 25, 2026
Jun 27, 2026
7.1 HIGH
CVE-2026-9154 — Arbitrary File Write in Rapid7 InsightConnect Sed Plugin

Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression paramete…

linux_kernel sed | Remote | Path Traversal
Jun 25, 2026 Jun 27, 2026
Jun 25, 2026
Jun 27, 2026
6.5 MEDIUM
CVE-2026-9153 — Arbitrary File Read in Rapid7 InsightConnect Sed Plugin

Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.

linux_kernel sed | Remote | Path Traversal
Jun 25, 2026 Jun 27, 2026
Jun 25, 2026
Jun 27, 2026
7.4 HIGH
CVE-2026-57589 — OpenBSD Use-After-Free Privilege Escalation

sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

openbsd | Memory Corruption
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9787 — Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetV…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9786 — Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9785 — Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVau…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9784 — Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVau…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9783 — Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Net…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9782 — Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVau…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9781 — Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-9780 — Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability

Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVa…

netvault_backup | Authentication
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-8663 — OS Command Injection in Rapid7 InsightConnect RPM Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the repo, key, or name parameters due to insufficie…

linux_kernel insightconnect_rpm | Remote | Injection
Jun 25, 2026 Jun 29, 2026
Jun 25, 2026
Jun 29, 2026
8.8 HIGH
CVE-2026-8659 — OS Command Injection in Rapid7 InsightConnect SQLmap Plugin

OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during conne…

linux_kernel insightconnect_sqlmap | Remote | Injection
Jun 25, 2026 Jun 29, 2026
Jun 25, 2026
Jun 29, 2026
8.8 HIGH
CVE-2026-7570 — Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability

Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault…

netvault_backup | Injection
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
8.8 HIGH
CVE-2026-7569 — Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability

Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVa…

netvault_backup | Authentication
Jun 25, 2026 Jun 26, 2026
Jun 25, 2026
Jun 26, 2026
Showing 20 of 7988 Results