CVE-2026-34909
Known Exploited Vulnerability Entry KEVIntel
Entry Details
Confirmed Exploited2026-06-09 07:29 UTC
Timestamps
2026-06-09
2026-06-09
Scope
KEVIntel entry: A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the... | Affected: Ubiquiti Inc / UniFi OS Server, Express, UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, UDM-Beast, EFG, UDW, UDR, UDR7, UDR-5G, Express 7, UNVR, UNVR-Pro, UNVR-Instant, UNVR-G2, UNVR-G2-Pro, ENVR, ENVR-Core, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4, UNAS-Pro-8, UCKP, UCK, UCK-Enterprise, UCG-Ultra, UCG-Max, UCG-Fiber, UCG-Industrial | CVSS: 10.0 (CRITICAL) | EPSS: 0.00623 | Used in malware: unknown | Not yet in CISA KEV: True
References
- {'id': 'CVE-2026-34909', 'url': 'https://www.cve.org/CVERecord?id=CVE-2026-34909'}
- {'id': 'kevintel', 'url': 'https://kevintel.com/CVE-2026-34909'}
de3af882-4d92-4a98-a92c-c025d4818825
KEVIntel
caeb2787-0d58-4236-9039-7c86c3e566f3
2026-06-23 14:02 UTC
2026-07-10 06:14 UTC
Evidence
1| Type | Source | Signal | Confidence | Details | GCVE Metadata |
|---|---|---|---|---|---|
| public_report | kevintel | successful_exploitation | 0.70 |
View details
|
- |