CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.
CVE-2026-34908CVSS 10.0CISA KEVKnown Exploited

CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

CVSS
10.0 CRITICAL
EPSS
82.42%
Known exploited
yes
Product
UniFi OS

What is known

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

Sources