CVE-2026-30868 | opnsense core up to 26.1.3 MVC API Endpoint cross-site request forgery

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability, which was classified as problematic, was found in opnsense core up to 26.1.3. The impacted element is an unknown function of the component MVC API Endpoint. The manipulation results in cross-site request forgery.

This vulnerability was named CVE-2026-30868. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.

CVE-2026-30868 | opnsense core up to 26.1.3 MVC API Endpoint cross-site request forgery

Post correlati

CVE-2024-44331 | GStreamer RTSP server 1.25.0 Hexstream rtsp-media.c denial of service

CVE-2025-38510 | Linux Kernel up to 6.1.145/6.6.98/6.12.38/6.15.6 kasan_find_vm_area deadlock

CVE-2024-35367 | FFmpeg 6.1.1 vp8dsp_altivec.c h_subpel_filters_outer out-of-bounds

CVE-2024-25533 | RuvarOA 6.01/12.01 OfficeFileUpdate.aspx information exposure