Udm-pro-max
This hub aggregates every CVE we track for Udm-pro-max, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
5
Critical
3
High
0
In CISA KEV
Severity distribution
CRITICAL5HIGH3MEDIUM1
Monthly trend
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
4
4
2024-072026-06
Latest CVEs
The 9 most recently published vulnerabilities affecting Udm-pro-max.
- CVE-2026-47369A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such...9.9
- CVE-2026-47368A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.8.6
- CVE-2026-47370A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection wit...9.9
- CVE-2026-48610Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized ...8.1
- CVE-2026-34911A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipul...7.7
- CVE-2026-34910A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.10.0
- CVE-2026-34909A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an u...10.0
- CVE-2026-34908A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.10.0
- CVE-2025-23091An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.5.9
Product normalization is registry-driven with AI assist and human review. How it works