Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

CVE-2026-34908: UniFi OS: Unauthorized changes to system configuration

CVE-2026-34908

Summary

This vulnerability affects UniFi OS devices. If left unpatched, a malicious actor with access to the network could make unauthorized changes to the system, potentially disrupting network operations. To protect your devices, update UniFi OS to the latest version.

Original title

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

Original description

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system.

nvd CVSS3.1 10.0

Vulnerability type

CWE-284 Improper Access Control

https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4c...

Published: 22 May 2026 · Updated: 30 May 2026 · First seen: 22 May 2026