https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 05:07:04 +0000 https://vulnerability.circl.lu/sighting/04b8a562-40f5-4180-82ec-b8dce947aa21/export {"uuid": "04b8a562-40f5-4180-82ec-b8dce947aa21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3moxejgzkg22n", "content": "Ubiquiti\u88fd\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u6a5f\u5668\u306e\u300cUniFi OS\u300d\u306b\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u8106\u5f31\u6027\n\nUbiquiti\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u6a5f\u5668\u306b\u642d\u8f09\u3055\u308c\u3066\u3044\u308b\u300cUniFi OS\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u5224\u660e\u3057\u305f\u3002\u6df1\u523b\u306a\u8106\u5f31\u6027\u3082\u8907\u6570\u542b\u307e\u308c\u308b\u3002\n\n...\n\n\u300cCVE-2026-34908\u300d\u306f\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u4e0d\u5099\u306e\u8106\u5f31\u6027\u3002\u30ea\u30e2\u30fc\u30c8\u3088\u308a\u8a8d\u8a3c\u3092\u5fc5\u8981\u3068\u3059\u308b\u3053\u3068\u306a\u304f\u30b7\u30b9\u30c6\u30e0\u306e\u8a2d\u5b9a\u3092\u5909\u66f4\u3067\u304d\u308b\u3002\n\n\u3055\u3089\u306b\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u8106\u5f31\u6027\u300cCVE-2026-34909\u300d\u3084\u3001\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u300cCVE-2026-34910\u300d\u306a\u3069\u3082\u78ba\u8a8d\u3055\u308c\u305f\u3002", "creation_timestamp": "2026-06-23T12:08:44.467052Z"} {"uuid": "04b8a562-40f5-4180-82ec-b8dce947aa21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3moxejgzkg22n", "content": "Ubiquiti\u88fd\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u6a5f\u5668\u306e\u300cUniFi OS\u300d\u306b\u30af\u30ea\u30c6\u30a3\u30ab\u30eb\u8106\u5f31\u6027\n\nUbiquiti\u306e\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u6a5f\u5668\u306b\u642d\u8f09\u3055\u308c\u3066\u3044\u308b\u300cUniFi OS\u300d\u306b\u8907\u6570\u306e\u8106\u5f31\u6027\u304c\u5224\u660e\u3057\u305f\u3002\u6df1\u523b\u306a\u8106\u5f31\u6027\u3082\u8907\u6570\u542b\u307e\u308c\u308b\u3002\n\n...\n\n\u300cCVE-2026-34908\u300d\u306f\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u4e0d\u5099\u306e\u8106\u5f31\u6027\u3002\u30ea\u30e2\u30fc\u30c8\u3088\u308a\u8a8d\u8a3c\u3092\u5fc5\u8981\u3068\u3059\u308b\u3053\u3068\u306a\u304f\u30b7\u30b9\u30c6\u30e0\u306e\u8a2d\u5b9a\u3092\u5909\u66f4\u3067\u304d\u308b\u3002\n\n\u3055\u3089\u306b\u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u306e\u8106\u5f31\u6027\u300cCVE-2026-34909\u300d\u3084\u3001\u30b3\u30de\u30f3\u30c9\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027\u300cCVE-2026-34910\u300d\u306a\u3069\u3082\u78ba\u8a8d\u3055\u308c\u305f\u3002", "creation_timestamp": "2026-06-23T12:08:44.467052Z"} https://vulnerability.circl.lu/sighting/04b8a562-40f5-4180-82ec-b8dce947aa21/export Tue, 23 Jun 2026 12:08:44 +0000 https://vulnerability.circl.lu/sighting/240910f6-3896-4ca8-a228-dc6928f0611d/export {"uuid": "240910f6-3896-4ca8-a228-dc6928f0611d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/ubiquiti-security-advisory-av26-498", "content": "", "creation_timestamp": "2026-06-23T13:14:02.000000Z"} {"uuid": "240910f6-3896-4ca8-a228-dc6928f0611d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/ubiquiti-security-advisory-av26-498", "content": "", "creation_timestamp": "2026-06-23T13:14:02.000000Z"} https://vulnerability.circl.lu/sighting/240910f6-3896-4ca8-a228-dc6928f0611d/export Tue, 23 Jun 2026 13:14:02 +0000 https://vulnerability.circl.lu/sighting/45981302-29a2-4eab-9d2d-82ab25e71220/export {"uuid": "45981302-29a2-4eab-9d2d-82ab25e71220", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c2ac14b-8057-44c2-8780-186c987089b2", "content": "", "creation_timestamp": "2026-06-23T14:02:58.967058Z"} {"uuid": "45981302-29a2-4eab-9d2d-82ab25e71220", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c2ac14b-8057-44c2-8780-186c987089b2", "content": "", "creation_timestamp": "2026-06-23T14:02:58.967058Z"} https://vulnerability.circl.lu/sighting/45981302-29a2-4eab-9d2d-82ab25e71220/export Tue, 23 Jun 2026 14:02:58 +0000 https://vulnerability.circl.lu/sighting/16fa22c9-ad7c-44a0-a5c4-025bb5c65836/export {"uuid": "16fa22c9-ad7c-44a0-a5c4-025bb5c65836", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bf6acc59-fb29-4fa8-8d1c-f32c78f9f8f3", "content": "", "creation_timestamp": "2026-06-23T18:00:02.589393Z"} {"uuid": "16fa22c9-ad7c-44a0-a5c4-025bb5c65836", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bf6acc59-fb29-4fa8-8d1c-f32c78f9f8f3", "content": "", "creation_timestamp": "2026-06-23T18:00:02.589393Z"} https://vulnerability.circl.lu/sighting/16fa22c9-ad7c-44a0-a5c4-025bb5c65836/export Tue, 23 Jun 2026 18:00:02 +0000 https://vulnerability.circl.lu/sighting/fc5fde66-33b5-4856-b825-1071b5c65b5e/export {"uuid": "fc5fde66-33b5-4856-b825-1071b5c65b5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6817244", "content": "2026-06-23: [CVE-2026-34908] Ubiquiti UniFi OS Improper Access Control VulnerabilityUbiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to the system.\ncisakev", "creation_timestamp": "2026-06-23T18:43:00.320273Z"} {"uuid": "fc5fde66-33b5-4856-b825-1071b5c65b5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6817244", "content": "2026-06-23: [CVE-2026-34908] Ubiquiti UniFi OS Improper Access Control VulnerabilityUbiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to the system.\ncisakev", "creation_timestamp": "2026-06-23T18:43:00.320273Z"} https://vulnerability.circl.lu/sighting/fc5fde66-33b5-4856-b825-1071b5c65b5e/export Tue, 23 Jun 2026 18:43:00 +0000 https://vulnerability.circl.lu/sighting/42611f6b-c1df-4f6f-837c-820d24c73ffe/export {"uuid": "42611f6b-c1df-4f6f-837c-820d24c73ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116800974631729730", "content": "CISA has updated the KEV catalogue:\n- CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34908\n- CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34909\n- CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34910\n- CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-67038 #CISA #infosec #vulnerability", "creation_timestamp": "2026-06-23T19:03:54.837105Z"} {"uuid": "42611f6b-c1df-4f6f-837c-820d24c73ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116800974631729730", "content": "CISA has updated the KEV catalogue:\n- CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34908\n- CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34909\n- CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34910\n- CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-67038 #CISA #infosec #vulnerability", "creation_timestamp": "2026-06-23T19:03:54.837105Z"} https://vulnerability.circl.lu/sighting/42611f6b-c1df-4f6f-837c-820d24c73ffe/export Tue, 23 Jun 2026 19:03:54 +0000 https://vulnerability.circl.lu/sighting/7cb56bc8-6441-4a40-8aa4-6b75c2eecded/export {"uuid": "7cb56bc8-6441-4a40-8aa4-6b75c2eecded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moy6knfu2c2z", "content": "\ud83d\udd34 EXPLOITED\n\nPatched in May. Being exploited in June.\n\nIf you self-host UniFi OS Server, anyone who can reach its web page can get root with no login.\n\nUpdate to 5.0.8 now and lock down who can reach it. (CVE-2026-34908/909/910)", "creation_timestamp": "2026-06-23T19:54:42.525621Z"} {"uuid": "7cb56bc8-6441-4a40-8aa4-6b75c2eecded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3moy6knfu2c2z", "content": "\ud83d\udd34 EXPLOITED\n\nPatched in May. Being exploited in June.\n\nIf you self-host UniFi OS Server, anyone who can reach its web page can get root with no login.\n\nUpdate to 5.0.8 now and lock down who can reach it. (CVE-2026-34908/909/910)", "creation_timestamp": "2026-06-23T19:54:42.525621Z"} https://vulnerability.circl.lu/sighting/7cb56bc8-6441-4a40-8aa4-6b75c2eecded/export Tue, 23 Jun 2026 19:54:42 +0000 https://vulnerability.circl.lu/sighting/6b329ed0-1a0b-45e5-8749-c45797d7d246/export {"uuid": "6b329ed0-1a0b-45e5-8749-c45797d7d246", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mozwu5rpct2w", "content": "Threat actors exploited three critical Ubiquiti UniFi OS vulnerabilities (CVE-2026-34908/34909/34910) to bypass authentication, access/manipulate files, and execute command injection.\n", "creation_timestamp": "2026-06-24T12:42:25.590280Z"} {"uuid": "6b329ed0-1a0b-45e5-8749-c45797d7d246", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mozwu5rpct2w", "content": "Threat actors exploited three critical Ubiquiti UniFi OS vulnerabilities (CVE-2026-34908/34909/34910) to bypass authentication, access/manipulate files, and execute command injection.\n", "creation_timestamp": "2026-06-24T12:42:25.590280Z"} https://vulnerability.circl.lu/sighting/6b329ed0-1a0b-45e5-8749-c45797d7d246/export Wed, 24 Jun 2026 12:42:25 +0000 https://vulnerability.circl.lu/sighting/0db9a27c-77c1-4a21-8c24-885758effb30/export {"uuid": "0db9a27c-77c1-4a21-8c24-885758effb30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116805325963552354", "content": "CRITICAL UniFi OS vulnerabilities (CVE-2026-34908/09/10) allow remote, unauthenticated attackers to bypass auth and execute commands (pre-5.0.8). Exploited in the wild. Patch ASAP: https://radar.offseq.com/threat/critical-ubiquiti-vulnerabilities-in-attackers-cro-da638630474e46d7 #OffSeq #infosec #Ubiquiti #vulnerability", "creation_timestamp": "2026-06-24T13:30:31.472177Z"} {"uuid": "0db9a27c-77c1-4a21-8c24-885758effb30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116805325963552354", "content": "CRITICAL UniFi OS vulnerabilities (CVE-2026-34908/09/10) allow remote, unauthenticated attackers to bypass auth and execute commands (pre-5.0.8). Exploited in the wild. Patch ASAP: https://radar.offseq.com/threat/critical-ubiquiti-vulnerabilities-in-attackers-cro-da638630474e46d7 #OffSeq #infosec #Ubiquiti #vulnerability", "creation_timestamp": "2026-06-24T13:30:31.472177Z"} https://vulnerability.circl.lu/sighting/0db9a27c-77c1-4a21-8c24-885758effb30/export Wed, 24 Jun 2026 13:30:31 +0000 https://vulnerability.circl.lu/sighting/0c6c25e1-59ba-479d-88aa-4059c689923e/export {"uuid": "0c6c25e1-59ba-479d-88aa-4059c689923e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mp242uf3ov2y", "content": "CISA added 3 actively exploited Ubiquiti UniFi OS flaws, including CVE-2026-34908, -34909, and -34910. BishopFox says chained bugs can bypass auth, inject commands, and enable rogue admin creation. #Ubiquiti #UniFiOS #CISA", "creation_timestamp": "2026-06-24T14:15:24.622472Z"} {"uuid": "0c6c25e1-59ba-479d-88aa-4059c689923e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-34908", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mp242uf3ov2y", "content": "CISA added 3 actively exploited Ubiquiti UniFi OS flaws, including CVE-2026-34908, -34909, and -34910. BishopFox says chained bugs can bypass auth, inject commands, and enable rogue admin creation. #Ubiquiti #UniFiOS #CISA", "creation_timestamp": "2026-06-24T14:15:24.622472Z"} https://vulnerability.circl.lu/sighting/0c6c25e1-59ba-479d-88aa-4059c689923e/export Wed, 24 Jun 2026 14:15:24 +0000