Rapid7 Blog ·EN Vendor research

Metasploit Wrap-Up 05-06-2026

By Rapid7·Jun 5, 2026·4 min read

When Open Source is a bit too Open

Several fun modules landed this week, including an Apache RCE, Windows Kernel pointer collection, and Gogs RCE via naming. Leading off is Gogs' RCE that allows an attacker to execute commands by naming their branch --exec <command> and requesting a rebase.…

Continue reading on Rapid7 Blog