Unifi os server
This hub aggregates every CVE we track for Unifi os server, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
13
CVEs tracked
7
Critical
6
High
3
In CISA KEV
Severity distribution
CRITICAL7HIGH6
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
5
3
5
2024-082026-07
Latest CVEs
The 13 most recently published vulnerabilities affecting Unifi os server.
- CVE-2026-54401A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) to escalate privileges within such UniFi OS devices or instances.7.7
- CVE-2026-54402A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device.9.9
- CVE-2026-54403A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances.8.6
- CVE-2026-54404A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS d...8.8
- CVE-2026-55110A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing (CORS) misconfiguration found in UniFi OS to trigger actions in UniFi OS using th...7.5
- CVE-2026-47370A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection wit...9.9
- CVE-2026-47368A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances.8.6
- CVE-2026-47369A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such...9.9
- CVE-2026-34911A malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipul...7.7
- CVE-2026-34910A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.KEV10.0
- CVE-2026-34909A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an u...KEV10.0
- CVE-2026-34908A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.KEV10.0
- CVE-2026-33000A malicious actor with access to the network and high privileges could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.9.1
Product normalization is registry-driven with AI assist and human review. How it works