Find notable cyber news and cases, enriched with sources, timelines, and signals.

Ubiquiti UniFi Connect, Talk, Access, Protect, and OS security patch release (multiple vulnerabilities)

Security Patch Release
First reported
Last updated
Happening score
H score 45
1 unique sources, 1 articles

Summary

Hide ▲

Ubiquiti shipped updates for UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS, closing multiple critical vulnerabilities that could enable privilege escalation and arbitrary command execution.

Related Happenings

Ubiquiti UniFi OS security patch release for CVE-2026-34908/34909/34910

Security Patch Release
H score53 First: 24.06.2026 20:19 Last: 24.06.2026 20:19 Sources 1

About this happening: Ubiquiti released **UniFi OS** patches for **CVE-2026-34908**, **CVE-2026-34909**, and **CVE-2026-34910**, closing three maximum-severity defects tied to **in-the-wild exploitatio...

CISA BOD 26-04 three-day remediation directive

Public Sector Action
H score36 First: 24.06.2026 17:35 Last: 24.06.2026 17:35 Sources 1

About this happening: CISA's **BOD 26-04** requires **federal agencies** to apply available security updates or vendor-recommended mitigations within **three days**, accelerating remediation for **acti...

Ubiquiti UniFi OS security updates (multiple vulnerabilities)

Security Patch Release
H score28 First: 22.05.2026 15:00 Last: 22.05.2026 15:00 Sources 1

About this happening: **Ubiquiti** released **security updates** for **UniFi OS** to close **five vulnerabilities**, including **three maximum-severity flaws** that could let **remote attackers without...

Latest development: 24.06.2026 15:32

CISA warned that threat actors were targeting CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910 in Ubiquiti UniFi OS devices after the flaws were patched in UniFi OS Server 5.0.8, and multiple users reported that the bugs were exploited in the wild, likely as zero-days, to create rogue administrator accounts named John Sim.

Timeline

  1. 08.07.2026 17:38 2 articles · 1d ago

    Ubiquiti ships fixes for critical UniFi Connect, Talk, Access, Protect, and OS flaws

    Mitigation Patch Update

    Ubiquiti shipped updates for UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS to fix multiple critical flaws, including CVE-2026-50746, CVE-2026-50747, CVE-2026-50748, CVE-2026-54400, CVE-2026-55115, CVE-2026-54402, and CVE-2026-55116, which could enable command injection, privilege escalation, SSRF, and unauthorized changes on host devices.

    Show sources