Ui Security Vulnerabilities (CVEs)

Track 21 security vulnerabilities affecting Ui products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

8 Critical

10 High

3 Medium

Sort by:

🔔 Get Alerts for Ui

CVE-2026-21638 8.8

This vulnerability allows attackers within Wi-Fi range to execute arbitrary code on affected Ubiquiti airMAX devices by exploiting a flaw in the wirel...

Jan 8, 2026

CVE-2026-21639 5.4

This vulnerability allows attackers within Wi-Fi range to execute arbitrary code on affected Ubiquiti airMAX and airFiber devices by exploiting a flaw...

Jan 8, 2026

CVE-2026-21633 8.8

An attacker on the same network can exploit a discovery protocol vulnerability in UniFi Protect Application to gain unauthorized access to UniFi Prote...

Jan 5, 2026

CVE-2026-21634 6.5

An attacker on the same network can crash the UniFi Protect Application by sending specially crafted discovery protocol packets. This affects all UniF...

Jan 5, 2026

CVE-2026-21635 5.3

An improper access control vulnerability in EV Station Lite (v1.5.2 and earlier) allows attackers within Wi-Fi range to use the WiFi AutoLink feature ...

Jan 5, 2026

CVE-2025-59467 7.5

This Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP invoices Plugin allows attackers to execute malicious scripts in administrato...

Jan 5, 2026

CVE-2025-52665 10.0

An authentication bypass vulnerability in UniFi Access door control software allows attackers on the management network to access administrative APIs ...

Oct 31, 2025

CVE-2024-42025 7.8

This CVE describes a command injection vulnerability in self-hosted UniFi Network Application servers running Linux. An attacker with existing 'unifi'...

Sep 13, 2024

CVE-2023-35085 9.8

An integer overflow vulnerability in UniFi network devices with SNMP monitoring enabled allows remote attackers to execute arbitrary code. This affect...

Aug 10, 2023

CVE-2023-28365 9.1

This vulnerability allows authenticated UniFi application administrators to execute arbitrary commands on the host system during backup restoration. I...

Jul 1, 2023

CVE-2023-31997 9.0

UniFi OS 3.1 introduces a misconfiguration that allows local network users to directly access MongoDB on affected Cloud Key devices. This vulnerabilit...

Jul 1, 2023

CVE-2023-1458 7.2

CVE-2023-1458 is a command injection vulnerability in Ubiquiti EdgeRouter X's OSPF handler that allows authenticated attackers to execute arbitrary co...

Mar 25, 2023

CVE-2023-1456 7.2

CVE-2023-1456 is a post-authentication command injection vulnerability in Ubiquiti EdgeRouter X's NAT Configuration Handler. Attackers with administra...

Mar 25, 2023

CVE-2023-24104 9.8

This vulnerability in Ubiquiti Networks UniFi Dream Machine Pro allows attackers to bypass domain restrictions via crafted packets, potentially enabli...

Feb 23, 2023

CVE-2022-22570 10.0

A buffer overflow vulnerability in UniFi Door Access Reader Lite firmware allows attackers with network access to execute arbitrary code and take cont...

Apr 1, 2022

CVE-2021-44530 9.8

This is the Log4Shell vulnerability (CVE-2021-44228) affecting UniFi Network software. It allows remote code execution via JNDI injection in Log4j, en...

Jan 14, 2022

CVE-2021-22957 8.8

A Cross-Origin Resource Sharing (CORS) vulnerability in UniFi Protect application allows attackers to perform cross-origin attacks when a privileged u...

Nov 24, 2021

CVE-2021-22952 8.8

This vulnerability allows an attacker who has already compromised a network to take control of UniFi Talk devices that haven't been adopted yet. It af...

Sep 23, 2021

CVE-2021-22943 9.6

This vulnerability allows an attacker who has already compromised a network to take control of UniFi Protect cameras on that network. It affects UniFi...

Aug 31, 2021

CVE-2021-33820 7.5

This vulnerability allows attackers to perform a denial-of-service attack against UniFi Protect G3 FLEX cameras by flooding them with TCP SYN packets,...

Jun 18, 2021

CVE-2020-24755 7.8

CVE-2020-24755 is a DLL hijacking vulnerability in Ubiquiti UniFi Video software that allows attackers to execute arbitrary code by placing malicious ...

May 17, 2021

Why Monitor Ui Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 21+ known vulnerabilities affecting Ui products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Ui packages in under 60 seconds. No agents required - completely agentless scanning that works across Ui deployments.

Free vulnerability database: Access detailed information about every Ui CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Ui CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Ui CVEs Free