PatchSiren cyber security CVE debrief
CVE-2026-47369 Ubiquiti Inc CVE debrief
CVE-2026-47369 is a critical vulnerability with a CVSS score of 9.9, affecting certain devices running UniFi OS. The vulnerability is caused by an Improper Input Validation issue, which allows a malicious actor with access to the network and low privileges to escalate privileges within UniFi OS devices or instances. The vulnerability was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-47369) and last modified on [cveModifiedAt](https://nvd.nist.gov/vuln/detail/CVE-2026-47369).
- Vendor
- Ubiquiti Inc
- Product
- UniFi OS Server
- CVSS
- CRITICAL 9.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-12
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-12
- Advisory updated
- 2026-06-12
Who should care
Administrators and users of UniFi OS devices should be aware of this vulnerability and take necessary steps to mitigate it.
Technical summary
The vulnerability is caused by an Improper Input Validation issue in UniFi OS devices. This allows a malicious actor with access to the network and low privileges to escalate privileges within UniFi OS devices or instances. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Defensive priority
High
Recommended defensive actions
- Apply patches or updates provided by the vendor as soon as possible.
- Restrict access to UniFi OS devices to only necessary personnel.
- Monitor network activity for suspicious behavior.
Evidence notes
The vendor and product information is currently unknown, but it is believed to be related to Ui.
Official resources
-
CVE-2026-47369 CVE record
CVE.org
-
CVE-2026-47369 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-47369 was published on 2026-06-12T04:17:06.513Z and last modified on 2026-06-12T16:10:10.070Z.