logo

U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog

ID: 40568585-a68f-5f46-93dc-f0ed3ba43226

STIX ID: report--40568585-a68f-5f46-93dc-f0ed3ba43226

Feed Name: Security Affairs

Threat Score
85/100

Date Published: 2026-06-24

Date Updated: 2026-06-24

Author: Pierluigi Paganini

...
...

U.S. CISA has added multiple critical vulnerabilities affecting Ubiquiti UniFi OS and Lantronix EDS5000 (CVE-2025-67038, CVE-2026-34908, CVE-2026-34909, CVE-2026-34910) to its Known Exploited Vulnerabilities (KEV) catalog; the flaws include command injection and improper access control (several with CVSS 10.0) that can enable root-level command execution or unauthorized system changes, and CISA has ordered federal agencies to remediate them by June 26, 2026.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.