Find notable cyber news and cases, enriched with sources, timelines, and signals.

Ubiquiti UniFi OS security updates (multiple vulnerabilities)

Security Patch Release
First reported
Last updated
Happening score
H score 28
2 unique sources, 4 articles

Summary

Hide ▲

Ubiquiti released security updates for UniFi OS to close five vulnerabilities, including three maximum-severity flaws that could let remote attackers without privileges alter systems or reach files and commands.

Related Happenings

Ubiquiti UniFi Connect, Talk, Access, Protect, and OS security patch release (multiple vulnerabilities)

Security Patch Release
H score45 First: 08.07.2026 17:38 Last: 08.07.2026 17:38 Sources 1

About this happening: **Ubiquiti** shipped **updates** for **UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS**, closing **multiple critical vulnerabilities** that could enable **pr...

Ubiquiti UniFi OS security patch release for CVE-2026-34908/34909/34910

Security Patch Release
H score53 First: 24.06.2026 20:19 Last: 24.06.2026 20:19 Sources 1

About this happening: Ubiquiti released **UniFi OS** patches for **CVE-2026-34908**, **CVE-2026-34909**, and **CVE-2026-34910**, closing three maximum-severity defects tied to **in-the-wild exploitatio...

F5 BIG-IP APM active exploitation wave (CVE-2025-53521)

Exploitation Wave
H score79 First: 02.04.2026 11:25 Last: 02.04.2026 11:25 Sources 1

About this happening: As of **2026-04-02**, ongoing attacks are exploiting **CVE-2025-53521** against **F5 BIG-IP APM** systems, leaving more than **14,000** exposed online and at risk of remote code e...

MongoDB CVE-2025-14847 active exploitation worldwide

Exploitation Wave
H score39 First: 29.12.2025 09:49 Last: 29.12.2025 09:49 Sources 1

About this happening: **CVE-2025-14847** is being **actively exploited** against **MongoDB** deployments, putting a global pool of **87,000+** potentially susceptible instances at risk. The wave matter...

F5 BIG-IP and related products October 2025 security updates (44 vulnerabilities)

Security Patch Release
H score63 First: 15.10.2025 21:01 Last: 15.10.2025 21:01 Sources 1

About this happening: **F5** released **October 2025 security updates** for **BIG-IP** and related products, patching **44 vulnerabilities** and urging customers to update immediately. The bundle inclu...

Timeline

  1. 24.06.2026 15:32 2 articles · 15d ago

    CISA warns of in-the-wild exploitation of Ubiquiti UniFi OS flaws

    Exploitation Observed

    CISA warned that threat actors were targeting CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910 in Ubiquiti UniFi OS devices after the flaws were patched in UniFi OS Server 5.0.8, and multiple users reported that the bugs were exploited in the wild, likely as zero-days, to create rogue administrator accounts named John Sim.

    Show sources
  2. 08.06.2026 18:51 1 articles · 1mo ago

    Bishop Fox validates unauthenticated root RCE chain in UniFi OS Server

    Technical Analysis Update

    Bishop Fox researchers validated a chain of CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910 against Ubiquiti UniFi OS Server 5.0.6, showing that CVE-2026-34908 and CVE-2026-34909 can bypass authentication and reach a vulnerable endpoint where CVE-2026-34910 enables command injection, with the affected service account’s sudo privileges making root shell access trivial and no credentials or user interaction required. The researchers also released a free detection script, advised hunting for requests to /api/auth/validate-sso/ and ucs/update/latest_package plus suspicious ucs-update child processes and unexpected sudo commands, and said the chain does not work on UniFi OS Server 5.0.8 or later.

    Show sources
  3. 22.05.2026 15:00 2 articles · 1mo ago

    Ubiquiti releases UniFi OS security updates

    Initial Disclosure

    Ubiquiti released security updates for UniFi OS on 2026-05-22 to address five vulnerabilities, including CVE-2026-34908, CVE-2026-34909, CVE-2026-34910, CVE-2026-33000, and CVE-2026-34911. The flaws could let remote attackers without privileges make unauthorized changes, access files through path traversal, or launch command injection after network access, and Ubiquiti said the issues were reported through its HackerOne bug bounty program and had not been disclosed as exploited in the wild. Censys was tracking nearly 100,000 Internet-exposed UniFi OS endpoints, including nearly 50,000 IP addresses in the United States.

    Show sources