Kong Insomnia Untrusted Search Path Vulnerability in profapi.dll

Vulnerability

A critical vulnerability has been identified in Kong Insomnia versions prior to 10.3.0, related to an untrusted search path issue in the profapi.dll library. This vulnerability requires local exploitation and is characterized by a high complexity, making it difficult to exploit. Currently, the existence of this vulnerability is under question, as the vendor has been unable to reproduce the issue.

Impact

Exploitation of this vulnerability could lead to local privilege escalation by manipulating the search path to load malicious libraries.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Kong Insomnia Untrusted Search Path Vulnerability in profapi.dll

Vulnerability

Impact

Affected Products

Kong Insomnia

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating