Critical severity10.0NVD Advisory· Published May 22, 2026

CVE-2026-34909

Description

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account.

Affected products

Ubiquiti Inc/Unifillm-fuzzy

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963bnvd

News mentions

Ubiquiti patches three max severity UniFi OS vulnerabilities
BleepingComputer · May 22, 2026

cvss	0.650
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000