Critical severity10.0CISA KEVNVD Advisory· Published May 22, 2026· Updated May 22, 2026
CVE-2026-34910
CVE-2026-34910
Description
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
11- 29th June – Threat Intelligence ReportCheck Point Research · Jun 29, 2026
- Breach Roundup: How Hackers Exploited a Cisco SD-WAN FlawGovInfoSecurity · Jun 26, 2026
- CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively ExploitedThe Hacker News · Jun 24, 2026
- CISA warns of max severity Ubiquiti flaws exploited in attacksBleepingComputer · Jun 24, 2026
- Critical Ubiquiti Vulnerabilities in Attackers’ CrosshairsSecurityWeek · Jun 24, 2026
- CISA Warns of Ubiquiti UniFi OS Vulnerability Actively Exploited in AttacksCyber Security News · Jun 24, 2026
- ⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and MoreThe Hacker News · Jun 15, 2026
- Critical UniFi OS bug lets hackers gain root without authenticationBleepingComputer · Jun 8, 2026
- ⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain ChaosThe Hacker News · May 25, 2026
- Ubiquiti patches three max severity UniFi OS vulnerabilitiesBleepingComputer · May 22, 2026
- CISA Adds Four Known Exploited Vulnerabilities to CatalogCISA Alerts