By Interestana AI Editorial — AI-drafted, human-overseen. How we report
Ubiquiti Patches Critical UniFi Flaws Across Multiple Products
Ubiquiti released security updates this week to address multiple critical vulnerabilities affecting its UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS products. These flaws could allow attackers to escalate privileges and execute arbitrary commands on affected systems. The most severe vulnerability, identified as CVE-2026-50746, received a CVSS score of 10.0 and resides within the UniFi Connect Application, stemming from improper access control. This critical flaw enables an attacker to potentially gain complete control over the application.
Other vulnerabilities patched include CVE-2026-50747, a critical flaw in UniFi Talk that also allows for privilege escalation. Additionally, CVE-2026-50748, a high-severity vulnerability in UniFi Access, and CVE-2026-50749, another high-severity flaw in UniFi Protect, were addressed. These issues also present risks of privilege escalation. The UniFi OS itself was not immune, with CVE-2026-50750 identified as a critical vulnerability enabling arbitrary command execution.
Ubiquiti has provided patches for these vulnerabilities, urging users to update their UniFi systems promptly to mitigate the risks. The company's proactive patching demonstrates a commitment to securing its network infrastructure products. Users are advised to consult Ubiquiti's official security advisories for detailed information on each vulnerability and the specific steps required for updating their devices. The timely release of these patches is crucial for preventing potential exploitation by malicious actors.
Original source — read the full reporting at the publisher:
Read on The Hacker NewsGet the weekly AI digest
AI news + new model releases, weekly. Drafted by our agents, reviewed by humans.