Lucene search
K

368638 matches found

CVE
CVE
added 4 days ago12 views

CVE-2026-55119

The CVE-2026-55119 entry concerns a vulnerability in UniFi Talk Application described as Improper Access Control that could allow a user with network access and low privileges to escalate privileges within the UniFi Talk Application. This is supported by the connected documents which cite a CVSS ...

8.1CVSS5.8AI score0.00201EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-56842

CVE-2026-56842 : A vulnerability in UniFi Network Application allows a malicious actor with network access to persist privileges after the access is removed, due to an Incorrect Authorization flaw. The CVSS v3.1 base score is 7.5 (HIGH) with vector AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H. Affected co...

7.5CVSS5.7AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-55114

The CVE-2026-55114 entry concerns UniFi Network Application. Affected component: the UniFi Network Application itself, with an Improper Access Control vulnerability that allows a user with network access and low privileges to escalate privileges within the application. The CVSSv3.1 vector (AV:N/A...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-55112

Technical details for CVE-2026-55112 are not publicly available in the provided documents. Monitor for updates.

7.5CVSS5.8AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-55116

CVE-2026-55116 affects UniFi OS devices. The issue is an Improper Access Control vulnerability that could allow a network-attached attacker, under certain configurations, to make unauthorized changes to UniFi OS devices. The CVSS 3.1 vector indicates Network access, High attack complexity, No pri...

9CVSS5.8AI score0.0022EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-56841

CVE-2026-56841 describes an authenticated SQL Injection vulnerability in UniFi Protect Application. A network-accessible attacker with low privileges can exploit this to escalate privileges on the host device. Affected software: UniFi Protect Application (specific versions not stated in the provi...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-55118

CVE-2026-55118 concerns UniFi Network Application with an Improper Access Control flaw that could allow a malicious actor with network access and low privileges to escalate privileges within the UniFi Network Application. The connected records provide CVSS 3.1 details (AV:N/AC:L/PR:L/UI:N/S:U/C:L...

8.3CVSS5.8AI score0.00195EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-55113

CVE-2026-55113 involves a Server-Side Request Forgery (SSRF) in the UniFi Talk Application that can allow a remote attacker with network access to cause a Denial of Service and bypass authentication on certain UniFi Talk API endpoints. The vulnerability affects the UniFi Talk platform’s API surfa...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-55117

The CVE-2026-55117 entry describes a path traversal vulnerability in UniFi Access Application. The vulnerability could allow an attacker with network access to access files on the host device via the affected component, exposing potentially sensitive information. Documented details do not specify...

8.6CVSS5.8AI score0.00342EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-55115

The CVE-2026-55115 entry describes a Server-Side Request Forgery (SSRF) in the UniFi Protect Application that could allow a low-privilege, network-accessible attacker to escalate privileges on the host. The available sources state the affected component as the UniFi Protect Application and identi...

9.9CVSS5.8AI score0.00232EPSS
Exploits0References1
CVE
CVE
added 4 days ago12 views

CVE-2026-54401

CVE-2026-54401 describes a Server-Side Request Forgery (SSRF) in UniFi OS devices/instances that an attacker with network access and low privileges could abuse to escalate privileges. The CVSS 3.1 vector is AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N with a base score of 7.7 (HIGH) and high confidentiali...

7.7CVSS5.8AI score0.00201EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-54402

CVE-2026-54402 describes an Improper Input Validation flaw in UniFi OS enabling a Command Injection on the host when a malicious actor with network access and low privileges interacts with the system. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) yields a base score of 9.9 (CRITICAL),...

9.9CVSS5.8AI score0.00789EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-55111

The CVE-2026-55111 affects UniFi Protect Floodlight devices and describes a Path Traversal vulnerability that could allow an attacker with network access to access files on the Floodlight device, impacting confidentiality. The available documents do not specify the exact vulnerable component/vers...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-50747

The CVE-2026-50747 entry concerns the UniFi Talk Application. It describes an authenticated SQL Injection vulnerability that could be leveraged by an attacker with network access and low privileges to escalate privileges on the host device. The issue is characterized as high-severity (CVSS v3.1 b...

9.9CVSS5.8AI score0.00239EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-50748

CVE-2026-50748 describes an Improp er Input Validation vulnerability in the UniFi Access Application that enables a Command Injection on the host when an attacker with network access and low privileges can exploit it. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H, indicating...

9.9CVSS5.8AI score0.00789EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-54409

Summary of CVE-2026-54409 : A network-accessible vulnerability in the UniFi Protect Application, described as an Improper Initialization flaw, could allow a attacker to bypass authentication on UniFi Protect Cameras under certain conditions. Affected components are the UniFi Protect Application a...

7.5CVSS5.8AI score0.00237EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-54403

The CVE-2026-54403 entry concerns a Path Traversal vulnerability in UniFi OS devices. The issue allows an attacker with network access to bypass authentication on affected UniFi OS devices/instances by exploiting path traversal. The provided sources describe the vulnerability but do not specify a...

8.6CVSS5.8AI score0.00481EPSS
Exploits0References1
CVE
CVE
added 4 days ago12 views

CVE-2026-54404

UniFi OS is affected by CVE-2026-54404, which describes a series of authenticated SQL Injection vulnerabilities that allow a user with network access and low privileges to escalate privileges within UniFi OS devices or instances. The available sources confirm the issue and provide a CVSSv3.1 base...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-55110

Summary: CVE-2026-55110 describes a CORS misconfiguration in UniFi OS that could allow a malicious page to trigger actions in UniFi OS using an authenticated user’s session after the user visits a malicious page. Affected software/component: UniFi OS (CORS configuration issue). Root cause: CORS m...

7.5CVSS5.7AI score0.00181EPSS
Exploits0References1
CVE
CVE
added 4 days ago10 views

CVE-2026-54407

The CVE-2026-54407 entry concerns UniFi Protect Application with an Improper Access Control flaw that allows bypassing authentication on certain API endpoints. The vulnerability enables an unauthenticated or improperly authenticated actor with network access to interact with protected UniFi Prote...

8.6CVSS5.8AI score0.00306EPSS
Exploits0References1
Rows per page
Query Builder