July 1, 2026

Hack, patch, and the AI side-eye

Chasing the OPNsense RCE: The Story Behind My First CVEs

Firewall hero drops 5 bug bombs, but commenters only want one answer: where was the AI

TLDR: A researcher turned up eight findings in OPNsense, five of them already disclosed and patched, including one severe flaw that could let an outsider take control of a device remotely. But the comments stole the spotlight by obsessing over one thing: whether the researcher used AI and why they didn't say so.

A security researcher just had a main-character week: eight findings in OPNsense, five of them already patched and disclosed, including one nasty bug that could let an attacker take over a device remotely. For people who don't live in cyber-land, OPNsense is the firewall software many homes and businesses trust to guard their internet traffic, so this wasn't some tiny app nobody uses. The big plot twist? The researcher says the issues were found in just five days, and the OPNsense team patched the five disclosed ones fast, which earned them some real respect.

But in the comments, the crowd swerved hard into a very 2026 argument: wait, did you use AI or not? The loudest reaction came from a commenter basically accusing the post of dodging the obvious modern question. That instantly turned the story from a classic hacker victory lap into a mini culture-war: is finding bugs still a badge of human skill, or do readers now expect every write-up to include an AI disclosure like it’s food-labeling? The subtext was spicy: some people would read silence as “definitely used it,” while others would probably roll their eyes and say the result matters more than the tool.

The funniest part is that a story about a firewall getting broken somehow turned into commenters trying to audit the author’s brain. One week, five bugs, one giant internet side-eye: not “how did this happen?” but “be honest, did ChatGPT help?”

Key Points

  • The article says a week of security research into OPNsense produced eight findings, five of which had been patched at the time of writing.
  • The most severe disclosed issue is CVE-2026-57155, described as remote code execution via an arbitrary file write in the GeoIP Alias Importer, rated CVSS 9.9 (critical). An arbitrary file write turns into code execution when the attacker can drop attacker-controlled bytes somewhere the system later executes them.
  • The author states that the research was conducted at Hacking Cult during designated security research time for penetration testers.
  • Four additional patched vulnerabilities are listed: one XPath injection flaw and three stored XSS issues, each with associated CVE and GHSA identifiers.
  • The article states that the OPNsense team remediated all five disclosed vulnerabilities; of the remaining three findings, two were still under review and one was a duplicate.
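As an added illustration of the bug class named in the first key point, here is a constructed, hypothetical alias importer that writes a client-named file to disk, beside a hardened version. This is not OPNsense's code and does not reproduce the actual CVE; the function names, the import directory, the allow-list regex and the sample payload are all assumptions made for the example.

```python
import os
import re
import tempfile


def vulnerable_import(base_dir: str, name: str, data: bytes) -> str:
    """Hypothetical vulnerable importer (constructed; not OPNsense's code).

    BUG: `name` is used verbatim. "../x" climbs out of base_dir, and an
    absolute name makes os.path.join discard base_dir altogether. If the
    resulting location is something the host later executes (a web root,
    a cron or rc directory), the file write becomes code execution.
    """
    path = os.path.join(base_dir, name)
    with open(path, "wb") as fh:
        fh.write(data)
    return path


# Assumed allow-list: a leading alphanumeric, then up to 63 safe characters.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,63}")


def hardened_import(base_dir: str, name: str, data: bytes) -> str:
    """Hardened form: allow-list the name, pick the extension ourselves,
    then check the canonical path still lives directly under base_dir.
    realpath() also resolves a pre-planted symlink, so a link pointing
    outside the directory fails the containment check; O_NOFOLLOW covers
    a symlink planted between that check and the open."""
    if not SAFE_NAME.fullmatch(name):
        raise ValueError("rejected alias name: %r" % name)
    base = os.path.realpath(base_dir)
    path = os.path.realpath(os.path.join(base, name + ".csv"))
    if os.path.dirname(path) != base:
        raise ValueError("path escapes import directory")
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def demo() -> dict:
    """Run both importers on the same hostile name inside a throwaway
    directory and report where the bytes landed. Input is constructed."""
    root = tempfile.mkdtemp()
    base = os.path.join(root, "aliases")
    os.mkdir(base)
    payload = b"# constructed sample payload\n"  # only ever written under the temp dir
    hostile = "../escaped.conf"  # constructed traversal name

    vuln_path = os.path.realpath(vulnerable_import(base, hostile, payload))
    try:
        hardened_import(base, hostile, payload)
        blocked = False
    except ValueError:
        blocked = True
    good_path = hardened_import(base, "us-east", payload)

    return {
        # the vulnerable importer wrote one level above the import directory
        "vulnerable_wrote_outside": os.path.dirname(vuln_path) == os.path.realpath(root),
        # the hardened importer refused the traversal name outright
        "hardened_blocked": blocked,
        # and a legitimate name still lands inside the import directory
        "hardened_inside": os.path.dirname(good_path) == os.path.realpath(base),
    }


if __name__ == "__main__":
    print(demo())
```

The check that matters is the one on the canonical path after realpath(), not the regex alone: the allow-list stops traversal strings, the containment check stops symlink tricks, and O_NOFOLLOW closes the race between the two.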

Hottest takes

"Why did you not mention LLM use in the post at all?" — pizzalife
"Are you not using LLMs as part of your toolkit in 2026?" — pizzalife
"Please provide" — pizzalife

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.