[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-44193":6},{"stargazers_count":4,"fetched_at":5},5,"2026-05-14T08:40:00.356Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":39,"aliases":40,"duplicate_of":9,"upstream":41,"downstream":42,"duplicates":43,"related":44,"reserved_at":9,"published_at":45,"modified_at":45,"state":46,"summary":47,"references_raw":54,"kevs":61,"epss":9,"epss_history":62,"metrics":63,"affected":71},"CVE-2026-44193","OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restore_config_section fails to sanitize user supplied input leading to Remote Code Execution. This vulnerability is fixed in 26.1.7.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-88","Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')","The product constructs a string for a command to be executed by a separate component\nin another control sphere, but it does not properly delimit the\nintended arguments, options, or switches within that command string.","weakness","Draft","Base",[19,23,27,31,35],{"id":20,"name":21,"techniques":22},"CAPEC-137","Parameter Injection",[],{"id":24,"name":25,"techniques":26},"CAPEC-174","Flash Parameter Injection",[],{"id":28,"name":29,"techniques":30},"CAPEC-41","Using Meta-characters in E-mail Headers to Inject Malicious Payloads",[],{"id":32,"name":33,"techniques":34},"CAPEC-460","HTTP Parameter Pollution (HPP)",[],{"id":36,"name":37,"techniques":38},"CAPEC-88","OS Command Injection",[],[],[],[],[],[],[],"2026-05-13T21:52:04.150Z","Received",{"cisa_kev":48,"cisa_ransomware":48,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":49,"severity_score":50,"severity_version":51,"severity_source":52,"severity_vector":53,"severity_status":46},false,"critical",9.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",[55],{"url":56,"sources":57,"tags":59},"https://github.com/opnsense/core/security/advisories/GHSA-xxp9-93cr-x54p",[52,58],"nvd",[60],"X Refsource CONFIRM",[],[],[64,69],{"source":52,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":65,"cvss_v4_0":9},{"baseScore":50,"baseSeverity":66,"vectorString":53,"impactScore":67,"exploitabilityScore":68},"CRITICAL",10,5.9,{"source":58,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":70,"cvss_v4_0":9},{"baseScore":50,"baseSeverity":66,"vectorString":53,"impactScore":67,"exploitabilityScore":68},[72],{"ecosystem":9,"name":73,"vendor":74,"product":73,"cpe_part":75,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":76},"core","opnsense","a",[77],{"version":78,"is_range":79,"range_type":52,"version_start":9,"version_start_type":9,"version_end":80,"version_end_type":81,"fixed_in":9},"\u003C 26.1.7",true,"26.1.7","excluding"]