- Product: Ubiquiti Inc UniFi OS Server, n/a
- Vulnerabilities: 4 flaws (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910, CVE-2025-67038)
- Highest severity: 10.0 (Critical · CVSSv3)
- Worst impact: A malicious actor with access to the network could exploit an Improper Access Control...
- Status: 4 exploited; patches available
- Action: Update to 5.0.8, 5.1.12, 5.1.11, 5.1.10 (+1) now
| CVE | CVSS (CVSSv3) | Type | Fixed in | Status |
|---|---|---|---|---|
| CVE-2026-34908 | 10 | CWE-284 | 5.0.8, 5.1.12, 5.1.11 (+1) | Exploited |
| CVE-2026-34909 | 10 | CWE-22 | 5.0.8, 4.0.14, 5.1.12 (+2) | Exploited |
| CVE-2026-34910 | 10 | CWE-20 | 5.0.8, 5.1.12, 5.1.11 (+1) | Exploited |
| CVE-2025-67038 | 9.8 | CWE-94 | — | Exploited |
TL;DR
CISA added four actively exploited flaws to its KEV catalog on June 23, 2026. The bugs hit Ubiquiti UniFi OS and Lantronix EDS5000 devices. Federal agencies must patch by June 26, 2026.
Why It Matters
These devices sit deep inside business and industrial networks. Therefore, one weak appliance can open a path to many systems. The CISA KEV catalog only lists flaws with proof of real-world attacks. So inclusion here signals urgent, confirmed risk. Three UniFi OS bugs each score a perfect CVSS 10. Meanwhile, the Lantronix flaw scores 9.8 and hands attackers root access. Ubiquiti gear alone runs on countless small-business and enterprise networks.
How the Attacks Work
Ubiquiti UniFi OS (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910)
A network attacker needs no credentials for these bugs. One flaw allows unauthorized system changes. Another walks the file system through path traversal. The third injects commands through weak input checks. Together, they can hand over full device control.
Lantronix EDS5000 (CVE-2025-67038)
The HTTP server builds a log command from the username. As a result, an attacker can inject OS commands during a failed login. Those commands then run with root privileges.
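The pattern described above, a log command assembled from an attacker-controlled username, is the general shape of an OS command injection. The following is an added illustration written for this page; it is hypothetical code, not Lantronix EDS5000 firmware (which is not reproduced here). The helper name `logger`, the tag `auth`, and the function names `build_log_command_unsafe`, `build_log_argv_safe` and `record_failed_login` are all assumptions. It places the vulnerable shape next to a hardened form that validates the username and never passes it through a shell.

```python
"""Added illustration of the failed-login logging pattern described above.

Hypothetical code, not Lantronix EDS5000 firmware (that code is not on this
page). It contrasts the general shape of the flaw, a shell command assembled
from an attacker-controlled username, with a form that validates the name and
never hands it to a shell.
"""
import re
import subprocess
from typing import Callable, List

# Assumption: failed logins are recorded through an external helper such as
# `logger`; the helper name and tag are illustrative placeholders.
LOG_HELPER = "logger"
LOG_TAG = "auth"

# Allow-list of characters a username may contain; anything else is refused
# before it can reach a command line or a log file.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.@-]{1,64}")


def build_log_command_unsafe(username: str) -> str:
    """The vulnerable shape: the raw username is spliced into one shell string.

    Returned only for inspection and never executed here; a shell given this
    string would interpret quotes and separators found inside the username.
    """
    return f"{LOG_HELPER} -t {LOG_TAG} 'failed login for {username}'"


def build_log_argv_safe(username: str) -> List[str]:
    """Hardened shape: a fixed argv in which the username is one argument.

    Passed to subprocess with shell=False, the list goes straight to exec();
    no shell parses it, so metacharacters remain literal text.
    """
    return [LOG_HELPER, "-t", LOG_TAG, f"failed login for {username}"]


def record_failed_login(
    username: str, run: Callable[..., object] = subprocess.run
) -> List[str]:
    """Validate, then log without a shell. Returns the argv actually used.

    `run` is injectable so the function can be exercised without a real
    `logger` binary being present.
    """
    if not USERNAME_RE.fullmatch(username):
        # Do not reflect arbitrary input; record only that the name was invalid.
        username = "<invalid-username>"
    argv = build_log_argv_safe(username)
    run(argv, shell=False, check=False)
    return argv


if __name__ == "__main__":
    # Constructed sample containing shell metacharacters, for demonstration only.
    shown = "eve'; echo injected #"
    print("unsafe string :", build_log_command_unsafe(shown))
    print("safe argv     :", record_failed_login(shown, run=lambda *a, **k: None))
```

Two independent layers do the work here: the allow-list rejects anything that is not a plausible username before it is logged, and the argv form means that even a value which slips past validation is delivered to the helper as data rather than parsed by a shell.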
Affected Versions
The UniFi OS flaws affect Ubiquiti console and gateway devices. The Lantronix issue affects EDS5000 version 2.1.0.0R3.
Patch and Mitigation
Update UniFi OS to version 5.0.8 or later right now. Lantronix users should move to EDS5000 firmware 2.2.0.0R1. Until you patch, restrict management access to trusted networks. Also watch logs for odd requests and new admin changes. A public scanner can already flag vulnerable UniFi OS hosts. These CISA KEV catalog entries carry a June 26 federal deadline, so act fast.
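The advice above to restrict management access to trusted networks and to watch logs for odd requests can be turned into a small triage script. The following is an added example written for this page, not Ubiquiti or Lantronix tooling: the log lines, the management path prefixes (`/api/`, `/manage/`, `/login`) and the trusted network `10.0.0.0/24` are constructed placeholders, and the function names `triage`, `has_traversal` and `from_untrusted` are assumptions. It flags the two things this page describes: path-traversal patterns in request paths (including percent- and double-encoded forms) and management endpoints reached from outside the trusted network.

```python
"""Added example: a small access-log triage helper for the 'watch logs for odd
requests' advice above. It is not Ubiquiti or Lantronix tooling; the log
lines, paths and trusted network below are constructed for illustration."""
import ipaddress
import re
from typing import Dict, List
from urllib.parse import unquote

# Assumption: management interfaces live under these path prefixes and should
# only be reached from the trusted management network.
MGMT_PREFIXES = ("/api/", "/manage/", "/login")
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/24")]

# Common-log-format style: ip - user [time] "METHOD path HTTP/x" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)


def fully_decode(path: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded '..' is seen as well."""
    for _ in range(rounds):
        new = unquote(path)
        if new == path:
            break
        path = new
    return path


def has_traversal(path: str) -> bool:
    """True when the decoded path contains a parent-directory step."""
    decoded = fully_decode(path).replace("\\", "/")
    return "../" in decoded or decoded.endswith("/..")


def from_untrusted(ip: str) -> bool:
    """True unless the source address lies inside a trusted network."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return True  # unparseable source: treat as untrusted
    return not any(addr in net for net in TRUSTED_NETS)


def triage(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per suspicious property of each log line."""
    findings: List[Dict[str, str]] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            findings.append({"ip": "?", "reason": "unparseable line", "line": line})
            continue
        ip, path = m["ip"], m["path"]
        reasons = []
        if has_traversal(path):
            reasons.append("path traversal pattern")
        if path.startswith(MGMT_PREFIXES) and from_untrusted(ip):
            reasons.append("management path from untrusted source")
        for reason in reasons:
            findings.append({"ip": ip, "reason": reason, "line": line})
    return findings


# Constructed sample log lines (documentation-range addresses, invented paths).
SAMPLE_LOG = [
    '10.0.0.5 - - [23/Jun/2026:10:00:01 +0000] "GET /api/status HTTP/1.1" 200 512',
    '203.0.113.7 - - [23/Jun/2026:10:00:02 +0000] "GET /api/status HTTP/1.1" 401 0',
    '203.0.113.7 - - [23/Jun/2026:10:00:03 +0000] '
    '"GET /static/%2e%2e/%2e%2e/config.json HTTP/1.1" 200 1024',
    '198.51.100.9 - - [23/Jun/2026:10:00:04 +0000] "POST /login HTTP/1.1" 200 33',
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding['ip']:>14}  {finding['reason']}")
```

Run against the constructed sample it reports three findings: the traversal attempt and two management requests from outside the trusted range. On a real console the prefixes and trusted networks would be replaced with the deployment's own values; the decoding loop matters because a single `unquote` misses `%252e%252e`.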