23616 matches found
CVE-2026-55115
The CVE-2026-55115 entry describes a Server-Side Request Forgery (SSRF) in the UniFi Protect Application that could allow a low-privilege, network-accessible attacker to escalate privileges on the host. The available sources state the affected component as the UniFi Protect Application and identi...
CVE-2026-55116
CVE-2026-55116 affects UniFi OS devices. The issue is an Improper Access Control vulnerability that could allow a network-attached attacker, under certain configurations, to make unauthorized changes to UniFi OS devices. The CVSS 3.1 vector indicates Network access, High attack complexity, No pri...
CVE-2026-55117
The CVE-2026-55117 entry describes a path traversal vulnerability in UniFi Access Application. The vulnerability could allow an attacker with network access to access files on the host device via the affected component, exposing potentially sensitive information. Documented details do not specify...
CVE-2026-55117
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device...
EUVD-2026-41393
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Protect Floodlight devices to access files on the UniFi Protect Floodlight...
CVE-2026-50747
The CVE-2026-50747 entry concerns the UniFi Talk Application. It describes an authenticated SQL Injection vulnerability that could be leveraged by an attacker with network access and low privileges to escalate privileges on the host device. The issue is characterized as high-severity (CVSS v3.1 b...
CVE-2026-54402
CVE-2026-54402 describes an Improper Input Validation flaw in UniFi OS enabling a Command Injection on the host when a malicious actor with network access and low privileges interacts with the system. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) yields a base score of 9.9 (CRITICAL),...
EUVD-2026-41391
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device...
CVE-2026-54402
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device...
CVE-2026-54401
A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...
CVE-2026-54401
A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...
EUVD-2026-41392
A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...
CVE-2026-54406
A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device...
CVE-2026-54408
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming...
CVE-2026-54409
A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras...
CVE-2026-54404
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances...
EUVD-2026-41387
A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances...
CVE-2026-54406
CVE-2026-54406 : A Path Traversal vulnerability affects self-hosted instances of UniFi Network Application. The issue allows a malicious actor with network access and high privileges to escalate write permissions on the host device. Affected component: path traversal in the application’s handling...
CVE-2026-50748
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device...
CVE-2026-50748
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device...