CVE-2026-44193 CRITICAL

CVE-2026-44193: OPNsense: RCE via XMLRPC endpoint using `opnsense.restore_config_section` method

Vendor Opnsense
Product core
Weakness CWE-88
Published May 13, 2026
Last update May 16, 2026

CVSS base score

9.1/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01 Description

OPNsense is a FreeBSD-based firewall and routing platform. Prior to 26.1.7, the XMLRPC method `opnsense.restore_config_section` fails to sanitize user-supplied input, leading to remote code execution. This vulnerability is fixed in 26.1.7.

Key dates

02 Disclosure timeline

May 13, 2026 CVE published
May 16, 2026 Record updated