Udm
This hub aggregates every CVE we track for Udm, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
18
CVEs tracked
5
Critical
9
High
0
In CISA KEV
Severity distribution
HIGH9CRITICAL5MEDIUM4
Monthly trend
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
4
4
0
4
4
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Udm.
- CVE-2026-47369A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such...9.9
- CVE-2026-47368A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.8.6
- CVE-2026-47370A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection wit...9.9
- CVE-2026-48610Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized ...8.1
- CVE-2026-34911A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipul...7.7
- CVE-2026-34910A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.10.0
- CVE-2026-34909A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an u...10.0
- CVE-2026-34908A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.10.0
- CVE-2026-33192free5GC UDM incorrectly returns 500 for empty supi path parameter in PATCH sdm-subscriptions reques5.3
- CVE-2026-33065free5GC UDM incorrectly returns 500 for empty supi path parameter in DELETE sdm-subscriptions request5.3
- CVE-2026-33064free5GC UDM DataChangeNotification Procedure Panic Due to Nil Pointer Dereference7.5
- CVE-2026-33191free5GC UDM vulnerable to null byte injection in URL path parameters causing 500 Internal Server Error8.6
- CVE-2026-27642free5GC has Improper Input Validation in UDM UEAU Service7.5
- CVE-2025-69252free5GC has Null Pointer Dereference in UDM, Leading to Service Panic7.5
- CVE-2025-69251free5GC has Improper Input Validation in UDM, Leading to Information Exposure5.3
Product normalization is registry-driven with AI assist and human review. How it works