Lucene search
K

50 matches found

NVD
NVD
added 2026/07/02 3:17 p.m.11 views

CVE-2026-54402

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device...

9.9CVSS0.00872EPSS
Exploits0References1
NVD
NVD
added 2026/07/02 3:17 p.m.9 views

CVE-2026-50747

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS0.00244EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:50 p.m.8 views

CVE-2026-56841

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device...

8.8CVSS5.8AI score0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:50 p.m.12 views

EUVD-2026-41399

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device...

8.8CVSS5.8AI score0.00249EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 2:50 p.m.5 views

EUVD-2026-41398

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 2:49 p.m.9 views

EUVD-2026-41391

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device...

9.9CVSS5.8AI score0.00872EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:49 p.m.8 views

CVE-2026-50747

A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00244EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.38 views

CVE-2026-50746

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...

10CVSS0.00922EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:49 p.m.24 views

CVE-2026-54400

Technical details about CVE-2026-54400 are not publicly available in the provided documents. Monitor for updates from vendors for affected UniFi Access Application components and mitigations.

9.1CVSS5.8AI score0.00291EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 2:49 p.m.35 views

CVE-2026-50748

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device...

9.9CVSS0.00889EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 2:49 p.m.6 views

EUVD-2026-41389

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device...

10CVSS5.8AI score0.00922EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 2:49 p.m.142 views

CVE-2026-50746

CVE-2026-50746 describes an "Improper Access Control" vulnerability in UniFi Connect Application that could allow a malicious actor with network access to perform a Command Injection on the host device. The publicly provided descriptions indicate the issue enables remote command execution with no...

10CVSS5.8AI score0.00922EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.18 views

PT-2026-55248

Name of the Vulnerable Software and Affected Versions UniFi OS with UniFi Protect Application affected versions not specified Description An Improper Access Control issue exists in UniFi OS when used with the UniFi Protect Application. A malicious actor with network access and low privileges coul...

8.8CVSS6.1AI score0.00198EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.13 views

PT-2026-55236

A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device...

9.1CVSS5.8AI score0.00291EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.15 views

PT-2026-55251

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF in UniFi Protect Application to escalate privileges on the host device...

9.9CVSS5.8AI score0.00232EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.10 views

PT-2026-55233

Name of the Vulnerable Software and Affected Versions UniFi Access Application affected versions not specified Description An improper input validation issue allows a malicious actor with network access and low privileges to perform command injection on the host device. Recommendations At the...

9.9CVSS6AI score0.00889EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.17 views

PT-2026-55231

Name of the Vulnerable Software and Affected Versions UniFi Connect Application versions prior to 3.4.17 Description An improper access control flaw exists in the UniFi Connect Application. A malicious actor with network access can exploit this issue to execute arbitrary commands on the host devi...

10CVSS6.4AI score0.00922EPSS
Exploits0References29
OSV
OSV
added 2026/06/25 9:16 a.m.8 views

UBUNTU-CVE-2026-53276

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:39 a.m.20 views

CVE-2026-53276

The CVE-2026-53276 entry concerns the Linux kernel Bluetooth ISO stack. A use-after-free occurs in iso_sock_rebind_bc where the bis pointer is cached and the socket lock is released before traversals, allowing a concurrent close() to free the hci_conn and its bis structure. The code then accesses...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Cancel the mesh send timer when the hdev is removed The meshsenddone timer is not canceled when the hdev is removed, which can cause a crash if the timer triggers after the hdev is gone. Cancel the timer when...

5.9AI score0.00162EPSS
Exploits0References3
Rows per page
Query Builder