cbcvebase.
CVE-2026-22563
published 2026-04-13

CVE-2026-22563: A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected…

PriorityP269critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.05%
60.0th percentile
A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier) UniFi Play Audio Port (Version 1.0.24 and earlier) Mitigation: Update UniFi Play PowerAmp to Version 1.0.38 or later Update UniFi Play Audio Port to Version 1.1.9 or later

Affected

2 ranges
VendorProductVersion rangeFixed in
ubiquiti_incunifi_play_audio_port< 1.1.91.1.9
ubiquiti_incunifi_play_poweramp< 1.0.381.0.38
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.