OPNsense CVE-2026-57155: Root RCE via GeoIP Alias

OPNsense CVE-2026-57155

OPNsense CVE-2026-57155 (CVSS 9.9) is a path-traversal flaw in the firewall’s GeoIP alias importer that lets a low-privileged user escalate to full root remote code execution. It is the fifth critical or high-severity OPNsense vulnerability disclosed since May 2026, and it matters disproportionately for German Mittelstand IT teams and MSPs because OPNsense’s free, open-source model…

Read More