18 matches found
CVE-2026-54401
A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...
CVE-2026-54401
A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery SSRF to escalate privileges within such UniFi OS devices or instances...
CVE-2026-47370
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances...
CVE-2026-47369
A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances...
EUVD-2026-36378
Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...
VulnCheck KEV: CVE-2026-34909
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account...
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
CVE-2026-34908
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...
CVE-2026-34908
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...
CVE-2026-34908
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...
EUVD-2026-31384
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account...
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...
PT-2026-42656
Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description An improper input validation issue in UniFi OS allows a malicious actor with network access and high privileges to execute a command injection. Approximately 100,000 UniFi endpoints are...
PT-2026-42659
Name of the Vulnerable Software and Affected Versions UniFi OS affected versions not specified Description An improper input validation issue exists in UniFi OS devices. A remote actor with network access can exploit this flaw to perform a command injection, which allows the execution of arbitrar...
EUVD-2025-3119
Malicious code in bioql PyPI...
CVE-2025-23091
An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle MitM attack during application update...
CVE-2025-23091
An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle MitM attack during application update...