Is CVE-2026-8659 being exploited?

No public exploit is currently tracked.

How severe is CVE-2026-8659?

CVE-2026-8659 has a CVSS v3 severity of MEDIUM (6).

Back

CVE-2026-8659

Description

OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation.