CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-8659

OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 49.6%

CVSS Severity

CVSS v3 Score 6.0

References

https://extensions.rapid7.com/extension/sqlmap

Products affected by CVE-2026-8659

Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-8659

Products

Pricing

Contact Us