HomeCVE Intelligence › CVE-2026-53582
CVSS 8.0 HIGH Zero-Day Exploit

CVE-2026-53582: OPNsense XPATH Injection (CVE-2026-53582)

<p>Posted by evan on Jul 06</p>SUMMARY: a stored XPATH injection allows any user with just ca<br> manager/certificate manager perms to leak any secret key/any value in<br> config.xml, thus achiev…

8.0CVSS Score
HIGHSeverity
NOCISA KEV
Zero-Day ExploitImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-53582
VendorSecLists
Affected ProductMultiple Targets
Vulnerability TypeZero-Day Exploit
CVSS Score8.0 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via fulldisclosure)

🔬 Technical Analysis

<p>Posted by evan on Jul 06</p>SUMMARY: a stored XPATH injection allows any user with just ca<br> manager/certificate manager perms to leak any secret key/any value in<br> config.xml, thus achieving privilege escalation and potentially remote<br> code execution. this can also likely be chained via csrf and some<br> clever hiding. see<br> <a rel="nofollow" href="https://github.com/opnsense/core/security/advisories/GHSA-xww7-76m6-mh2r">https://github.com/opnsense/core/security/advisories/GHSA-xww7-76m6-mh2r</a><br> &

🎯 Known Indicators of Compromise

{"type":"url","value":"https://github.com/opnsense/core/security/advisories/GHSA-xww7-76m6-mh2r">https://github.com","confidence_score":0.82,"first_seen":"2026-07-07","source_count":1}

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-53582 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence