# Hacker Fantastic and team report a pre-auth remote root exploit against openwrt

> Source: <https://twitter.com/hackerfantastic/status/2074871544984064163>
> Published: 2026-07-08 15:33:51+00:00

Don't believe that this is real? OpenWRT pre-auth remote root exploit 0day (CVSS 9.6, CRITICAL). Submitted this morning to the project. Technical details with-held for future publication. I have so far ran against OpenWRT, Horde, Django, WordPress, Gitlab, Dropbear & more.

I've documented at a high-level the AI/LLM vulnerability discovery pipeline I am using for finding confirmed vulnerabilities (0day). Here is example of Stage1 output, the modelling phase is important as it provides guidance for the inference fuzzing recursive loop.
