PT-2026-31678 · Rapid7 · Velociraptor
Chris Au
Published 2026-04-09 · Updated 2026-04-28
CVE-2026-5329
CVSS v3.1: 8.5 (High)
Vector: AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Rapid7 Velociraptor versions prior to 0.76.2
Description
Rapid7 Velociraptor versions before 0.76.2 have an input validation issue in the client monitoring message handler on the Velociraptor server (primarily Linux). An authenticated remote attacker can write to arbitrary internal server queues by sending a crafted monitoring message with a malicious queue name. The server handler does not properly validate the queue name provided by the client, allowing a malicious client to write messages to privileged internal queues. This could lead to remote code execution on the Velociraptor server. Rapid7 Hosted Velociraptor instances are not affected.
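As an added illustration (not Velociraptor's code and not part of this advisory), the Go sketch below shows the pattern the description points at: a handler that uses a client-supplied queue name directly as its write target, beside a hardened handler in which the server decides which queues a client monitoring message may land in. The message type, the queue names and the allowlist are assumptions constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
)

// MonitoringMessage is a constructed stand-in for a client monitoring message
// that names the queue it wants written to. It is not Velociraptor's type.
type MonitoringMessage struct {
	ClientID string
	Queue    string
	Payload  string
}

// Queues is an in-memory stand-in for the server's internal message queues.
type Queues map[string][]string

// ErrQueueNotPermitted is returned when a client names a queue it may not write to.
var ErrQueueNotPermitted = errors.New("queue not permitted for client monitoring messages")

// clientWritableQueues is an assumed allowlist: the only queues a client may
// publish monitoring results to. The names are constructed for this example.
var clientWritableQueues = map[string]bool{
	"Client.Monitoring.Events": true,
	"Client.Monitoring.Stats":  true,
}

// queueNameSyntax constrains the shape of a queue name before the allowlist is
// consulted, so separators, path segments or control bytes never reach the router.
var queueNameSyntax = regexp.MustCompile(`^[A-Za-z0-9._]{1,128}$`)

// handleUnchecked mirrors the weakness the advisory describes: the queue name
// chosen by the client is trusted and used directly as the write target, so a
// client can reach any queue, including privileged internal ones.
func handleUnchecked(q Queues, msg MonitoringMessage) {
	q[msg.Queue] = append(q[msg.Queue], msg.Payload)
}

// validateQueueName accepts a client-supplied queue name only if it is well
// formed and on the allowlist of client-writable queues.
func validateQueueName(name string) error {
	if !queueNameSyntax.MatchString(name) {
		return fmt.Errorf("%w: malformed queue name %q", ErrQueueNotPermitted, name)
	}
	if !clientWritableQueues[name] {
		return fmt.Errorf("%w: %q", ErrQueueNotPermitted, name)
	}
	return nil
}

// handleChecked is the hardened handler: the server, not the client, decides
// which queues a monitoring message may be written to. Rejections are returned
// to the caller so they can be logged against the client ID for detection.
func handleChecked(q Queues, msg MonitoringMessage) error {
	if err := validateQueueName(msg.Queue); err != nil {
		return fmt.Errorf("client %s: %w", msg.ClientID, err)
	}
	q[msg.Queue] = append(q[msg.Queue], msg.Payload)
	return nil
}

func main() {
	// Constructed messages: one legitimate, one naming an internal queue.
	ok := MonitoringMessage{ClientID: "C.example", Queue: "Client.Monitoring.Events", Payload: "event"}
	bad := MonitoringMessage{ClientID: "C.example", Queue: "Server.Internal.Flows", Payload: "payload"}

	unchecked := Queues{}
	handleUnchecked(unchecked, ok)
	handleUnchecked(unchecked, bad) // lands in the internal queue unchallenged
	fmt.Println("unchecked queues written:", len(unchecked))

	checked := Queues{}
	fmt.Println("checked, legitimate:", handleChecked(checked, ok))
	fmt.Println("checked, internal:", handleChecked(checked, bad))
	fmt.Println("checked queues written:", len(checked))
}
```

The point of the hardened form is that authorization for a queue write is decided by server-side policy keyed on the message type, not by a string the client supplies; a rejected write is also a useful detection signal when logged with the client ID.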
Recommendations
Update to version 0.76.2 or later.
Tags: Fix, RCE
Affected Products
Velociraptor