Skip to content
Tech News
← Back to articles

Ubiquiti patches three max severity UniFi OS vulnerabilities

2026-05-22 | original
read original get Ubiquiti UniFi Security Patch → more articles
Why This Matters

Ubiquiti's recent security updates address three critical vulnerabilities in UniFi OS that could allow remote attackers to compromise systems, access sensitive data, or execute malicious commands. These patches are vital for protecting network infrastructure and maintaining the integrity of devices managed through UniFi OS, especially given the large number of exposed endpoints worldwide. Ensuring these vulnerabilities are patched helps safeguard both enterprise and consumer networks from potential exploitation.

Key Takeaways

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in Unify OS that can be exploited by remote attackers without privileges.

UniFi OS is a unified operating system that powers UniFi Consoles and helps manage IT infrastructure, including networking, security, and other services, as well as UniFi applications such as UniFi Network, UniFi Protect, UniFi Access, UniFi Talk, and UniFi Connect.

The first flaw (CVE-2026-34908) enables attackers to make unauthorized changes to targeted systems by exploiting an Improper Access Control weakness in Unify OS, while the second (CVE-2026-34909) allows them to access files on the underlying system by abusing a Path Traversal vulnerability, which could be manipulated to access an underlying account.

A third maximum severity security issue (CVE-2026-34910) makes it possible for malicious actors to launch a command injection attack after gaining network access by exploiting an Improper Input Validation vulnerability.

On Thursday, Ubiquiti also patched a second critical command injection flaw (CVE-2026-33000) and a high-severity information disclosure (CVE-2026-34911), both affecting Unifi OS devices.

Ubiquiti has yet to disclose whether any of the five vulnerabilities were exploited in the wild before disclosure, but shared that they can be exploited in low-complexity attacks and were reported through its HackerOne bug bounty program.

At the moment, threat intelligence company Censys is tracking nearly 100,000 Internet-exposed UniFi OS endpoints, most of them (nearly 50,000 IP addresses) found in the United States.

However, there is currently no information on how many have been secured against potential attacks targeting the vulnerabilities Ubiquiti patched this week.

UniFi OS endpoints exposed online (Censys)

​In March, Ubiquiti patched another maximum-severity flaw (CVE-2026-22557) in the UniFi Network Application that may allow attackers to take over user accounts, as well as a vulnerability (CVE-2026-22558) that can be exploited to escalate privileges.

... continue reading

Explore topics: ubiquiti unifi os security vulnerabilities unifi network unifi protect
Related:
All the bugs they found
New macOS vulnerabilities were exposed by Anthropic’s Mythos: report
CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq
iOS 26.5 has fixes for 50+ security issues on iPhone, details here
AI Is Breaking Two Vulnerability Cultures

© 2026 GoKawiil

About | Editorial Policy | Contact