Back to search
CVE-2025-1087
Published: May 9, 2025
Modified: Sep 17, 2025
PUBLISHED
Description
Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, which can lead to arbitrary JavaScript execution in the context of the application.
| Vendor | Product | Versions |
|---|---|---|
Kong Inc. | Insomnia | affected n/a - <= 11.0.2 |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now