THREAT OPS › Threat News › [CISA KEV] CVE-2026-34909 — Ubiquiti UniFi OS: Ubiquiti UniFi OS Path Traversal Vulnerability
[CISA KEV] CVE-2026-34909 — Ubiquiti UniFi OS: Ubiquiti UniFi OS Path Traversal Vulnerability
CVE: CVE-2026-34909 Vendor: Ubiquiti Product: UniFi OS Vulnerability: Ubiquiti UniFi OS Path Traversal Vulnerability Date Added: 2026-06-23 Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow a
MITRE ATT&CK techniques
- Cloud ServicesT1021.007
Indicators of compromise
- CVE-2026-34909cve
- https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963burl
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-34909