PatchSiren cyber security CVE debrief
CVE-2026-55111 Ubiquiti Inc CVE debrief
A Path Traversal vulnerability was found in UniFi Protect Floodlight devices. This vulnerability allows a malicious actor with access to the network to exploit the vulnerability and access files on the UniFi Protect Floodlight. The vulnerability has a CVSS score of 7.5 and is classified as HIGH severity. Security teams and administrators should be aware of this vulnerability and take necessary actions to mitigate it.
- Vendor
- Ubiquiti Inc
- Product
- UniFi Protect Floodlight
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-02
- Original CVE updated
- 2026-07-09
- Advisory published
- 2026-07-02
- Advisory updated
- 2026-07-09
Who should care
Security teams and administrators responsible for UniFi Protect Floodlight devices should be aware of this vulnerability and take necessary actions to mitigate it. They should review and apply the vendor's security advisory and patch, restrict access to UniFi Protect Floodlight devices, and monitor for suspicious activity.
Technical summary
The CVE-2026-55111 vulnerability is a Path Traversal issue in UniFi Protect Floodlight devices. The vulnerability has a CVSS score of 7.5 and is classified as HIGH severity. The vulnerability allows a malicious actor with network access to exploit the vulnerability and access files on the UniFi Protect Floodlight. Affected product context indicates that security teams and administrators should review and apply vendor guidance.
Defensive priority
High
Recommended defensive actions
- Review and apply the vendor's security advisory and patch
- Restrict access to UniFi Protect Floodlight devices
- Monitor for suspicious activity
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
Evidence notes
The CVE record was published on 2026-07-02T15:17:04.987Z and was last modified on 2026-07-09T13:20:47.137Z. The NVD entry is currently Analyzed. The vulnerability affects UniFi Protect Floodlight devices. Evidence is based on CVE and NVD information. Defenders should verify affected product deployments and review vendor advisories.
Official resources
-
CVE-2026-55111 CVE record
CVE.org
-
CVE-2026-55111 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-02T15:17:04.987Z and has not been modified since then. The NVD entry is currently Analyzed.