Cyber Resilience

CVE-2026-4837

Severity: Medium · Type: RCE · Status: Updated

Published: 08 April 2026
Modified: 02 June 2026
KEV Added: not listed
Patch
CVSS Score v3.1: 6.6 (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0041 (61.6th percentile)
Risk Priority: 13 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-4837 is a medium-severity Eval Injection (CWE-95) vulnerability in Rapid7 Insight Agent. Its CVSS base score is 6.6 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Python (T1059.006). By EPSS exploit likelihood the CVE ranks in the top 38.4% of all CVEs, and it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

An eval() injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to achieve remote code execution as root via a crafted beacon response. Because the Agent uses mutual TLS (mTLS) to verify commands from the Rapid7 Platform, it is unlikely that the eval() function could be exploited remotely without prior, highly privileged access to the backend platform.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1059.006 Python (tactic: Execution)
Adversaries may abuse Python commands and scripts for execution.
T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Eval injection in the agent's beacon-handling logic directly enables arbitrary Python code execution (T1059.006), and because the agent runs as root that execution also amounts to privilege escalation (T1068).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

Affected Assets

Vendor: Rapid7
Product: Insight Agent
Versions: ≤ 4.1.0.2

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References