{"vulnerability": "cve-2026-44194", "sightings": [{"uuid": "86e091fa-baad-4560-bc88-8969e9846337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44194", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlroahvcxq2q", "content": "CVE-2026-44194 - OPNsense: RCE on user managment\nCVE ID : CVE-2026-44194\n \n Published : May 13, 2026, 10:16 p.m. | 2\u00a0hours, 8\u00a0minutes ago\n \n Description : OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) v...", "creation_timestamp": "2026-05-14T01:31:07.887187Z"}, {"uuid": "7f3e0963-3492-4934-a77b-1b5b7e721643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44194", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mlryba3tgh2v", "content": "CRITICAL: OPNsense core <26.1.8 has a command injection bug (CVSS 9.1). Authenticated users can gain root. Upgrade to 26.1.8+ now! \ud83d\udd12 https://radar.offseq.com/threat/cve-2026-44194-cwe-78-improper-neutralization-of-s-a7008329 #OffSeq #OPNsense #CyberAlert", "creation_timestamp": "2026-05-14T04:30:30.727169Z"}, {"uuid": "29b22dd6-0aa3-4e33-a70d-cf51ea2e49a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-44194", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116571047724307908", "content": "\ud83d\udea8 CVE-2026-44194 (CVSS 9.1): OPNsense core <26.1.8 is vulnerable to OS command injection via sync_user.php. Authenticated users with user-management rights can gain root. Update to 26.1.8 ASAP. https://radar.offseq.com/threat/cve-2026-44194-cwe-78-improper-neutralization-of-s-a7008329 #OffSeq #OPNsense #Vuln #BlueTeam", "creation_timestamp": "2026-05-14T04:30:48.246198Z"}, {"uuid": "22444c32-a752-4e4e-8d2a-a9487e053804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44194", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mlrygxaxcz25", "content": "OPNsense Critical Root RCE (CVE-2026-44194 & CVE-2026-45158) Details and PoC Disclosed", "creation_timestamp": "2026-05-14T04:33:42.543964Z"}, {"uuid": "cbce1668-b818-4e0f-bb99-9c8aa3489fe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44194", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mm2jv3a3zh2y", "content": "\ud83d\udccc CVE-2026-44194 - OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) vulnerability in the OPNsense... https://www.cyberhub.blog/cves/CVE-2026-44194", "creation_timestamp": "2026-05-17T14:07:08.024301Z"}]}