Ubiquiti UniFi OS command injection to root (actively exploited)
cve · CVE-2026-34910
Coverage timeline
1
first 2026-06-24 → last 2026-06-24
Briefs
1
1 distinct
Sources cited
6
5 hosts
Sections touched
1
deep_dive
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-24CTI Daily Brief — 2026-06-24
Where this entity is cited
- deep_dive1
Source distribution
- attack.mitre.org2 (33%)
- bleepingcomputer.com1 (17%)
- lumen.com1 (17%)
- scworld.com1 (17%)
- thehackernews.com1 (17%)
External references
All cited sources (6)
- scworld.comprimaryinlineSC Mediahttps://www.scworld.com/brief/ubiquiti-unifi-os-server-vulnerabilities-allow-unauthenticated-remote-code-execution
- attack.mitre.orginline`T1068` Exploitation for Privilege Escalationhttps://attack.mitre.org/techniques/T1068/
- attack.mitre.orginline`T1190` Exploit Public-Facing Applicationhttps://attack.mitre.org/techniques/T1190/
- bleepingcomputer.cominlineBleepingComputerhttps://www.bleepingcomputer.com/news/security/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities/
- lumen.cominlineLumen Black Lotus Labs, 2026-06-10https://www.lumen.com/blog/en-us/expanded-jdy-iot-and-soho-botnet-enables-rapid-vulnerability-exploitation
- thehackernews.cominlineThe Hacker News, 2026-06-10https://thehackernews.com/2026/06/china-linked-jdy-botnet-expands-to-1500.html
Items in briefs about Ubiquiti UniFi OS command injection to root (actively exploited)
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.