Unifi network application
This hub aggregates every CVE we track for Unifi network application, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 9
- Critical: 3
- High: 3
- In CISA KEV: 0
Severity distribution
- HIGH: 3
- MEDIUM: 3
- CRITICAL: 3
Monthly trend
[Chart: monthly trend, 2024-07 to 2026-06]
Latest CVEs
The 9 most recently published vulnerabilities affecting Unifi network application.
- CVE-2026-22558 (score 7.7): An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges.
- CVE-2026-22557 (score 10.0): A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated t...
- CVE-2025-24292 (score 6.8): A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate to Enterprise WiFi or VPN Server (l2tp and OpenVPN) using a device’s MAC address from 802.1X or MA...
- CVE-2024-42028 (score 8.8): A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational ...
- CVE-2024-42025 (score 7.8): A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell acc...
- CVE-2024-27981 (score 9.8): A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.0.28 and earlier) allows a malicious actor with UniFi Network Applic...
- CVE-2023-41721 (score 5.3): Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement device adoption with improper access control logic, creatin...
- CVE-2023-32000 (score 4.8): A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an A...
- CVE-2023-28365 (score 9.1): A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application administrators to execute malicious commands on the host d...
Product normalization is registry-driven with AI assist and human review.