{"vulnerability": "CVE-2026-45158", "sightings": [{"uuid": "c1a7ac54-c057-44b1-88bf-14fb3e115e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45158", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlrtadfcod2g", "content": "CRITICAL: OPNsense core < 26.1.8 hit by command injection (DHCP config) flaw \u2014 root RCE risk! Upgrade to 26.1.8+ now. https://radar.offseq.com/threat/cve-2026-45158-cwe-88-improper-neutralization-of-a-59c85f26 #OffSeq #OPNsense #Security", "creation_timestamp": "2026-05-14T03:00:32.063946Z"}, {"uuid": "00d2c60e-779b-43b8-9f35-41f15f91c896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-45158", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116570693909390630", "content": "\ud83d\udea8 CRITICAL: OPNsense core < 26.1.8 has CVE-2026-45158 \u2014 command injection in DHCP config allows root RCE. Upgrade to 26.1.8+ now to prevent full system compromise. Details: https://radar.offseq.com/threat/cve-2026-45158-cwe-88-improper-neutralization-of-a-59c85f26 #OffSeq #OPNsense #Vuln #Cybersecurity", "creation_timestamp": "2026-05-14T03:02:48.491749Z"}, {"uuid": "73244f64-acc0-4077-91e6-f0490355a044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45158", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mlrygxaxcz25", "content": "OPNsense Critical Root RCE (CVE-2026-44194 & CVE-2026-45158) Details and PoC Disclosed", "creation_timestamp": "2026-05-14T04:33:42.706120Z"}, {"uuid": "47da6487-a0ce-4013-b5f4-567c7008b076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45158", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlryv364as2n", "content": "\ud83d\udd34 CVE-2026-45158 - Critical (9.1)\n\nOPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user inpu...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45158/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-14T04:46:28.611276Z"}, {"uuid": "182a28ed-55d9-4723-8f47-a7a35968d5f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45158", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlvuoqb5z42q", "content": "\ud83d\udccc CVE-2026-45158 - OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configur... https://www.cyberhub.blog/cves/CVE-2026-45158", "creation_timestamp": "2026-05-15T17:37:07.496314Z"}]}