cbcvebase.

Ubiquiti Inc Unifi Os Server vulnerabilities

8 known vulnerabilities affecting ubiquiti_inc/unifi_os_server.

Total CVEs
8
CISA KEV
3
actively exploited
Public exploits
1
Exploited in wild
3
Severity breakdown
CRITICAL6HIGH2

Vulnerabilities

Page 1 of 1
CVE-2026-34910P1CRITICALCVSS 10.0KEVPoCfixed in 5.0.82026-05-22
CVE-2026-34910 [CRITICAL] CWE-20 CVE-2026-34910: A malicious actor with access to the network could exploit an Improper Input Validation vulnerabilit A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
nvd
CVE-2026-34909P1CRITICALCVSS 10.0KEVfixed in 5.0.82026-05-22
CVE-2026-34909 [CRITICAL] CWE-22 CVE-2026-34909: A malicious actor with access to the network could exploit a Path Traversal vulnerability found in U A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.
nvd
CVE-2026-34908P1CRITICALCVSS 10.0KEVfixed in 5.0.82026-05-22
CVE-2026-34908 [CRITICAL] CWE-284 CVE-2026-34908: A malicious actor with access to the network could exploit an Improper Access Control vulnerability A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.
nvd
CVE-2026-47370P2CRITICALCVSS 9.9fixed in 5.1.152026-06-12
CVE-2026-47370 [CRITICAL] CWE-20 CVE-2026-47370: A malicious actor with access to the network and low privileges could exploit an Improper Input Vali A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances.
nvd
CVE-2026-47369P2CRITICALCVSS 9.9fixed in 5.1.152026-06-12
CVE-2026-47369 [CRITICAL] CWE-20 CVE-2026-47369: A malicious actor with access to the network and low privileges could exploit an Improper Input Vali A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances.
nvd
CVE-2026-33000P2CRITICALCVSS 9.1fixed in 5.0.82026-05-22
CVE-2026-33000 [CRITICAL] CWE-20 CVE-2026-33000: A malicious actor with access to the network and high privileges could exploit an Improper Input Val A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
nvd
CVE-2026-47368P3HIGHCVSS 8.6fixed in 5.1.152026-06-12
CVE-2026-47368 [HIGH] CWE-22 CVE-2026-47368: A malicious actor with access to the network could exploit a Path Traversal vulnerability found in c A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.
nvd
CVE-2026-34911P3HIGHCVSS 7.7fixed in 5.0.82026-05-22
CVE-2026-34911 [HIGH] CWE-22 CVE-2026-34911: A malicious actor with access to the network and low privileges could exploit a Path Traversal vulne A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.
nvd
Ubiquiti Inc Unifi Os Server vulnerabilities | cvebase