CVE-2026-34910

Confirmed PUBLISHED

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a...

Ubiquiti Inc · UniFi OS Server, UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, UDM-Beast, EFG, UDW, UDR, UDR7, UDR-5G, Express 7, UNVR, UNVR-Pro, UNVR-Instant, UNVR-G2, UNVR-G2-Pro, ENVR, ENVR-Core, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4, UNAS-Pro-8, UCKP, UCK, UCK-Enterprise, UCG-Ultra, UCG-Max, UCG-Fiber, UCG-Industrial

14 days faster than CISA KEV

Exploited in the wild Active exploitation observed PoC available Virtual patch available

Recommended Action

Prioritize immediate patching and validate internet-facing exposure. Monitor for matching exploitation attempts in your environment.

Confidence
Confirmed
Exploitation Status
Active exploitation observed
Observed in Sensors
Yes
Attempts (30d)
12
Unique Attacker IPs
5
CISA KEV
In CISA KEV
Virtual Patch
Yes 3 targets
CVSS / EPSS
10.0 Critical EPSS 78.6%

At a Glance

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

nuclei_scanner cisa
CVE Published
May 22, 2026
Exploitation Reported
Jun 09, 2026
CVSS
10.0 Critical
EPSS
78.6%
Remote Low complexity No user interaction Unauthenticated

Affected Versions

31 version rows · page 1 of 2

Vendor Product Version Status
Ubiquiti Inc
UniFi OS Server

0 to < 5.0.8

Affected
Ubiquiti Inc
UDM

0 to < 5.1.12

Affected
Ubiquiti Inc
UDM-Pro

0 to < 5.1.12

Affected
Ubiquiti Inc
UDM-SE

0 to < 5.1.12

Affected
Ubiquiti Inc
UDM-Pro-Max

0 to < 5.1.12

Affected
Ubiquiti Inc
UDM-Beast

0 to < 5.1.11

Affected
Ubiquiti Inc
EFG

0 to < 5.1.12

Affected
Ubiquiti Inc
UDW

0 to < 5.1.12

Affected
Ubiquiti Inc
UDR

0 to < 5.1.12

Affected
Ubiquiti Inc
UDR7

0 to < 5.1.12

Affected
Ubiquiti Inc
UDR-5G

0 to < 5.1.12

Affected
Ubiquiti Inc
Express 7

0 to < 5.1.12

Affected
Ubiquiti Inc
UNVR

0 to < 5.1.12

Affected
Ubiquiti Inc
UNVR-Pro

0 to < 5.1.12

Affected
Ubiquiti Inc
UNVR-Instant

0 to < 5.1.12

Affected
Ubiquiti Inc
UNVR-G2

0 to < 5.1.12

Affected
Ubiquiti Inc
UNVR-G2-Pro

0 to < 5.1.12

Affected
Ubiquiti Inc
ENVR

0 to < 5.1.12

Affected
Ubiquiti Inc
ENVR-Core

0 to < 5.1.12

Affected
Ubiquiti Inc
UNAS-2

0 to < 5.1.10

Affected
Ubiquiti Inc
UNAS-4

0 to < 5.1.10

Affected
Ubiquiti Inc
UNAS-Pro

0 to < 5.1.10

Affected
Ubiquiti Inc
UNAS-Pro-4

0 to < 5.1.10

Affected
Ubiquiti Inc
UNAS-Pro-8

0 to < 5.1.10

Affected
Ubiquiti Inc
UCKP

0 to < 5.1.12

Affected

CVE References

Recommended Actions

  • Prioritize immediate patching and validate internet-facing exposure. Monitor for matching exploitation attempts in your environment.
  • Review sensor telemetry for request paths, attacker IPs, and payload patterns that may inform detection and exposure validation.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.