Vulnerability intelligence
CVE-2026-34910
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.
CVSS Score
10
Critical
EPSS — Exploit Probability
34%
Riskier than 98% of all CVEs
Exploitation
Confirmed in the wild
KEV since 2026-06-23
Remediation
unknown
Federal deadline 2026-06-26
2 articles across 2 outlets · first covered Jun 23, 2026 · latest Jun 23, 2026
Tracked incidents
Coverage timeline
-
CISA flags active exploit in Ubiquiti UniFi OS CVE-2026-34910www.cisa.gov · Jun 23, 2026
-
CISA Flags Critical UniFi OS Flaw as Actively Exploited, No Patchcisa.gov · Jun 23, 2026