Critical severity9.1NVD Advisory· Published May 22, 2026· Updated May 22, 2026
CVE-2026-33000
CVE-2026-33000
Description
A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
Patches
Vulnerability mechanics
References
1News mentions
3- Critical Ubiquiti Vulnerabilities in Attackers’ CrosshairsSecurityWeek · Jun 24, 2026
- ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain ChaosThe Hacker News · May 25, 2026
- Ubiquiti patches three max severity UniFi OS vulnerabilitiesBleepingComputer · May 22, 2026