Ui Unifi Network Application — known CVE vulnerabilities
Every CVE whose affected-product data names Ui Unifi Network Application, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2023-28365 — CVSS 9.1 (critical): A backup file vulnerability found in UniFi applications (Version 7.3.83 and earlier) running on Linux operating systems allows application…
CVE-2026-55114 — CVSS 8.8 (high): A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi…
CVE-2026-54406 — CVSS 8.7 (high): A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted…
CVE-2026-55118 — CVSS 8.3 (high): A malicious actor with access to the network,low privileges and under certain conditions could exploit an Improper Access Control…
CVE-2024-42025 — CVSS 7.8 (high): A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and…
CVE-2026-56842 — CVSS 7.5 (high): A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in…
CVE-2026-54405 — CVSS 7.5 (high): A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to…
CVE-2023-41721 — CVSS 5.3 (medium): Instances of UniFi Network Application that (i) are run on a UniFi Gateway Console, and (ii) are versions 7.5.176. and earlier, implement…
CVE-2023-32000 — CVSS 4.8 (medium): A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site…