Vendor
Ui Com
Products
3
CVEs
3
Across products
4
Status
Private
Products
3- 2 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-34910 | Cri | 0.65 | 10.0 | — | May 22, 2026 | A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection. | ||
| CVE-2026-34911 | Hig | 0.50 | 7.7 | — | May 22, 2026 | A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information. | ||
| CVE-2024-37380 | Med | 0.34 | 5.3 | 0.00 | Jul 22, 2024 | A misconfiguration on UniFi U6+ Access Point could cause an incorrect VLAN traffic forwarding to APs meshed to UniFi U6+ Access Point. Affected Products: UniFi U6+ Access Point (Version 6.6.65 and earlier) Mitigation: Update your UniFi U6+ Access Point to Version 6.6.74 or later. |
- risk 0.65cvss 10.0epss —
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
- risk 0.50cvss 7.7epss —
A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to obtain sensitive information.
- risk 0.34cvss 5.3epss 0.00
A misconfiguration on UniFi U6+ Access Point could cause an incorrect VLAN traffic forwarding to APs meshed to UniFi U6+ Access Point. Affected Products: UniFi U6+ Access Point (Version 6.6.65 and earlier) Mitigation: Update your UniFi U6+ Access Point to Version 6.6.74 or later.