Vulnerability intelligence

CVE-2026-48610

Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.

CVSS Score

—

High

EPSS — Exploit Probability

0.0%

Riskier than 0% of all CVEs

Exploitation

Not in CISA KEV

No federal exploitation record

Remediation

unknown

Check vendor advisories

NVD entry

1 article across 1 outlet · first covered Jun 12, 2026 · latest Jun 12, 2026

Tracked incidents

vulnerability open 11 articles

Ivanti Sentry OS command injection flaw (CVE-2026-10520) exploited in the wild

Coverage timeline

Ubiquiti UniFi OS flaws let attackers run commands on devices
securityonline.info · Jun 12, 2026