CVE-2026-4482

Vulnerability Description

The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users have read and execute access). For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any locally authenticated standard user.

Vulnerability Details

Published Date

April 10, 2026

Last Modified

April 13, 2026

CWE ID

CWE-732

Source

NVD

External References

https://docs.rapid7.com/insight/release-notes-2026-april/#improvements-and-fixes

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment