Threats Tagged 'cve-2026-8795'
View all threats tagged with 'cve-2026-8795'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-8795'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-8795: CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in Rapid7 VelociraptorCVE-2026-8795 0 CVE-2026-8795 is a high-severity YAML injection vulnerability in Rapid7 Velociraptor before version 0. 76. 6. It occurs in the Windows. Collectors. Remapping artifact where the hostname field from client_info. json inside a collection ZIP is inserted into a YAML template without proper escaping. An attacker can craft a collection ZIP with malicious hostname content to break out of the YAML quoted string and inject arbitrary mount remapping entries. When an analyst applies this remapping file with the --remap option, arbitrary VQL code executes with full permissions and no sandboxing, posing a significant risk. Join the discussion | CVE Database V5 | 06/09/2026, 01:04:21 UTC Added: 06/09/2026, 01:18:40 UTC |
Showing 1 to 1 of 1 result