CVE-2026-9154
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk19th percentile — higher than 19% of all known CVEs
Summary
Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.
Risk Assessment
The risk involves overwriting critical system or configuration files, potentially leading to privilege escalation, permanent system damage, or application takeover.
Recommendation
Immediately update the Sed Plugin to the latest version and restrict access to the expression parameter to trusted users only.
Original NVD description (English source)
Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter.

