CVE-2026-9153

Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation.
References
Link Resource
https://extensions.rapid7.com/extension/sed Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:gnu:sed:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

27 Jun 2026, 19:26

Type Values Removed Values Added
CPE cpe:2.3:a:gnu:sed:4.2.2:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
References () https://extensions.rapid7.com/extension/sed - () https://extensions.rapid7.com/extension/sed - Vendor Advisory
First Time Gnu
Linux linux Kernel
Gnu sed
Linux

25 Jun 2026, 01:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-25 01:16

Updated : 2026-06-27 19:26


NVD link : CVE-2026-9153

Mitre link : CVE-2026-9153

CVE.ORG link : CVE-2026-9153


JSON object : View

Products Affected

gnu

  • sed

linux

  • linux_kernel
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor