Every CVE whose affected-product data names Rapid7 Insight Agent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2019-5629 — CVSS 7.8 (high): Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path…
CVE-2021-4007 — CVSS 7.8 (high): Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path…
CVE-2026-6482 — CVSS 7.8 (high): The Rapid7 Insight Agent (versions > 4.1.0.2) is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level…
CVE-2026-4837 — CVSS 6.6 (medium): An eval() injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to…
CVE-2023-2273 — CVSS 5.8 (medium): Rapid7 Insight Agent token handler versions 3.2.6 and below, suffer from a Directory Traversal vulnerability whereby unsanitized input from…
CVE-2026-4482 — CVSS 5.5 (medium): The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users…
CVE-2022-0237 — CVSS 4.0 (medium): Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the…
CVE-2021-4016 — CVSS 4.0 (medium): Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control vulnerability whereby, the user has access to the…