<p>Posted by evan on Jul 06</p>SUMMARY: a stored XPATH injection allows any user with just ca<br> manager/certificate manager perms to leak any secret key/any value in<br> config.xml, thus achiev…
| CVE ID | CVE-2026-53582 |
| Vendor | SecLists |
| Affected Product | Multiple Targets |
| Vulnerability Type | Zero-Day Exploit |
| CVSS Score | 8.0 (HIGH) |
| Actively Exploited | ❌ No known exploitation |
| Patch Status | See Vendor Advisory → |
| Reported By | CYBERDUDEBIVASH SENTINEL APEX Intelligence (via fulldisclosure) |
<p>Posted by evan on Jul 06</p>SUMMARY: a stored XPATH injection allows any user with just ca<br> manager/certificate manager perms to leak any secret key/any value in<br> config.xml, thus achieving privilege escalation and potentially remote<br> code execution. this can also likely be chained via csrf and some<br> clever hiding. see<br> <a rel="nofollow" href="https://github.com/opnsense/core/security/advisories/GHSA-xww7-76m6-mh2r">https://github.com/opnsense/core/security/advisories/GHSA-xww7-76m6-mh2r</a><br> &
Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.