CVE-2026-8666
EUVD-2026-3916125.06.2026, 02:16
OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host, port, max_ttl, count, or time_out request parameters due to insufficient input validation when constructing shell commands.
Awaiting analysis
This vulnerability is currently awaiting analysis.