CVE-2026-44195
OPNsense (FreeBSD-based firewall) prior to 26.1.7 contains a logic flaw in the lockout_handler that allows an unauthenticated attacker to repeatedly reset the authentication failure counter for their IP. By inserting a crafted username containing a success keyword (e.g., “Accepted” or “Successful...