Skip to content

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Company

About us
Blog
Learn
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Home
Vendors
Opnsense

opnsense Vulnerabilities: CVEs, CISA KEV & Security Advisories

39 CVEs

opnsense Vulnerabilities

CVE security advisories and vulnerability history for opnsense.

39

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

31

Public exploits

With known exploit

6.7

Avg CVSS

2018–2026

Overview

opnsense has 39 published CVE records since 2018, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 31 have a known public exploit. The average CVSS base score across scored CVEs is 6.7.

This page aggregates every publicly disclosed vulnerability (CVE) affecting opnsense products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of opnsense's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical4

High1

Medium14

Low0

20 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

0

None of opnsense's CVEs are currently listed in CISA's KEV catalog.

Public exploits

31

31 of opnsense's CVEs have a known public exploit available.

Most affected products

The opnsense products with the most published CVEs.

core39 CVEs
opnsense39 CVEs
pfsense2 CVEs
OPNsense 25.11 CVEs

Common weakness types

The CWE weakness categories most often found in opnsense CVEs. Follow any weakness for its full explanation.

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')10 CVEs
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')3 CVEs
CWE-88Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')2 CVEs
CWE-352Cross-Site Request Forgery (CSRF)1 CVE
CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')1 CVE
CWE-307Improper Restriction of Excessive Authentication Attempts1 CVE
CWE-90Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')1 CVE

CNAs that assign these CVEs

The CVE Numbering Authorities that publish opnsense CVE records.

mitre21 CVEs
VulnCheck10 CVEs
GitHub_M6 CVEs
zdi2 CVEs

Disclosure activity by year

How many opnsense CVEs were published each year.

2018

1

2019

2

2021

2

2023

15

2025

2

2026

17

Latest opnsense CVEs

The most recently disclosed vulnerabilities affecting opnsense.

OPNsense: Command Injection via Attacker-Controlled DHCP Config
CWE-88
Critical · CVSS 9.1
EPSS 0.3%2026-05-13
OPNsense: RCE on user managment
CWE-78
Critical · CVSS 9.1
EPSS 0.2%2026-05-13
OPNsense: Authentication lockout bypass
CWE-307
Medium · CVSS 5.3
EPSS 0.1%2026-05-13
OPNsense: RCE via XMLRPC endpoint using `opnsense.restore_config_section` method
CWE-88
Critical · CVSS 9.1
EPSS 0.3%2026-05-13
OPNsense has an LDAP Injection via Unsanitized Username in Authentication
CWE-90
High · CVSS 8.2
EPSS 0.3%2026-04-09
Cross-Site Request Forgery (CSRF) in opnsense/core
CWE-352
Medium · CVSS 6.3
EPSS 0.0%2026-03-11
Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability
CWE-78
Medium · CVSS 6.8
EPSS 0.2%2026-02-20
OPNsense 19.1 Reflected XSS via system_advanced_sysctl.php
CWE-79
Medium · CVSS 5.4
EPSS 0.0%2026-02-15
OPNsense 19.1 Reflected XSS via proxy endpoint
CWE-79
Medium · CVSS 6.1
EPSS 0.0%2026-02-15
OPNsense 19.1 Reflected XSS via monit interface
CWE-79
Medium · CVSS 6.1
EPSS 0.0%2026-02-15
OPNsense 19.1 Reflected XSS via vpn_ipsec_settings.php
CWE-79
Medium · CVSS 6.1
EPSS 0.0%2026-02-15
OPNsense 19.1 Stored XSS via firewall_rules_edit.php
CWE-79
Medium · CVSS 6.4
EPSS 0.0%2026-02-15

Track new opnsense CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor opnsense CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

microsoft24,097 CVEs Linux19,131 CVEs google14,281 CVEs apple14,019 CVEs oracle10,440 CVEs debian10,201 CVEs IBM8,265 CVEs Adobe7,222 CVEs

Browse all vendors

Frequently asked questions

Common questions about opnsense vulnerabilities.

How many CVEs does opnsense have?

opnsense has 39 published CVE records since 2018, including 19 in the last two years.

How many opnsense CVEs are in CISA KEV?

None of opnsense's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Which opnsense products have the most CVEs?

The opnsense products with the most published CVEs are core, opnsense, pfsense, OPNsense 25.1.

What are the most common weakness types in opnsense CVEs?

opnsense's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-88 (Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')), CWE-352 (Cross-Site Request Forgery (CSRF)).

Are there public exploits for opnsense vulnerabilities?

Yes — 31 of opnsense's CVEs have a known public exploit.

How many critical opnsense vulnerabilities are there?

opnsense has 4 critical and 1 high-severity CVEs.

What is the average severity of opnsense CVEs?

The average CVSS base score across opnsense's scored CVEs is 6.7.

References

The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to
CNA directory: the CNAs that assign these CVEs

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track opnsense vulnerabilities

Monitor new opnsense vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Most affected products
Common weakness types
Assigning CNAs
Disclosure activity
Latest CVEs
Other vendors
FAQ
References