Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Ubiquiti UniFi OS security patch release for CVE-2026-34908/34909/34910

Security Patch Release
First reported
Last updated
Happening score
H score 53
1 unique sources, 1 articles

Summary

Hide ▲

Ubiquiti released UniFi OS patches for CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, closing three maximum-severity defects tied to in-the-wild exploitation. The fixed issues span command injection, path traversal, and improper access control on network-accessible systems. The release matters because the chain was reported as being used to deploy commodity malware and could support unauthorized changes and broader network compromise.

Related Happenings

Ubiquiti UniFi OS security updates (multiple vulnerabilities)

Security Patch Release
H score28 First: 22.05.2026 15:00 Last: 22.05.2026 15:00 Sources 1

About this happening: **Ubiquiti** released **security updates** for **UniFi OS** to close **five vulnerabilities**, including **three maximum-severity flaws** that could let **remote attackers without...

Latest development: 24.06.2026 15:32

CISA warned that threat actors were targeting CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910 in Ubiquiti UniFi OS devices after the flaws were patched in UniFi OS Server 5.0.8, and multiple users reported that the bugs were exploited in the wild, likely as zero-days, to create rogue administrator accounts named John Sim.

Open Happening

TrendAI Trend Micro’s enterprise business security patch release for CVE-2026-34926

Security Patch Release
H score45 First: 22.05.2026 11:19 Last: 22.05.2026 11:19 Sources 1

About this happening: **TrendAI** released **Apex One** security updates after confirming a **zero-day** had been **exploited in the wild**, leaving **on-premises installations** at risk until patched....

Open Happening

Ivanti security patch release for CVE-2026-8043

Security Patch Release
H score25 First: 18.05.2026 13:54 Last: 18.05.2026 13:54 Sources 1

About this happening: **Ivanti, Fortinet, SAP, Broadcom, and n8n** released **security fixes** on **2026-05-18** for flaws that could enable **authentication bypass**, **remote code execution**, **SQL...

Open Happening

Linux kernel Dirty Frag patch release (CVE-2026-43284, CVE-2026-43500)

Security Patch Release
H score32 First: 11.05.2026 17:30 Last: 11.05.2026 17:30 Sources 1

About this happening: **Major Linux distributions** are rolling out fixes for **Dirty Frag**, the **Linux kernel** patch release that covers **CVE-2026-43284** and **CVE-2026-43500**. The update matter...

Open Happening

Progress security patch release for CVE-2026-2699

Security Patch Release
H score68 First: 02.04.2026 16:33 Last: 02.04.2026 16:33 Sources 1

About this happening: **Progress** released **ShareFile 5.12.4** on **March 10** to fix **CVE-2026-2699** and **CVE-2026-2701** in the **Storage Zones Controller (SZC)** for **branch 5.x**. The update...

Open Happening

Timeline

  1. 24.06.2026 20:19 2 articles · 2h ago

    Ubiquiti releases UniFi OS patches for CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910

    Mitigation Patch Update

    Ubiquiti released UniFi OS patches for CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, closing three maximum-severity flaws involving command injection, path traversal, and improper access control on network-accessible systems.

    Show sources
    Open in new tab