Uisp application
This hub aggregates every CVE we track for Uisp application, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
2
Critical
1
High
0
In CISA KEV
Severity distribution
CRITICAL2LOW1HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
1
0
3
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Uisp application.
- CVE-2025-48979An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.3.4
- CVE-2025-27216Multiple Incorrect Permission Assignment for Critical Resource in UISP Application may allow a malicious actor with certain permissions to escalate privileges.8.8
- CVE-2025-27217A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with certain permissions to make requests outside of UISP Application scope.9.1
- CVE-2025-24290Multiple Authenticated SQL Injection vulnerabilities found in UISP Application (Version 2.4.206 and earlier) could allow a malicious actor with low privileges to escalate privileges.9.9
Product normalization is registry-driven with AI assist and human review. How it works