UniFi Network Application vulnerabilities: Find affected assets
ID: 6c65a560-c6f6-5249-900e-a1c55c336cad
STIX ID: report--6c65a560-c6f6-5249-900e-a1c55c336cad
Feed Name: runZero Blog
Threat Score
Ubiquiti disclosed multiple vulnerabilities in the UniFi Network Application including a critical unauthenticated path traversal (CVE-2026-22557, CVSS 10.0) and a high-severity NoSQL injection (CVE-2026-22558, CVSS 7.7). Affected versions include UniFi Network Application 10.1.85 and earlier, 10.2.93 and earlier, and 9.0.114 and earlier; users are advised to update to patched releases (10.1.89+, 10.2.97+, or UniFi Express firmware 4.0.13+).
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.