U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog
ID: 40568585-a68f-5f46-93dc-f0ed3ba43226
STIX ID: report--40568585-a68f-5f46-93dc-f0ed3ba43226
Feed Name: Security Affairs
Threat Score
U.S. CISA has added multiple critical vulnerabilities affecting Ubiquiti UniFi OS and Lantronix EDS5000 (CVE-2025-67038, CVE-2026-34908, CVE-2026-34909, CVE-2026-34910) to its Known Exploited Vulnerabilities (KEV) catalog; the flaws include command injection and improper access control (several with CVSS 10.0) that can enable root-level command execution or unauthorized system changes, and CISA has ordered federal agencies to remediate them by June 26, 2026.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
