Ubiquiti warns of maximum-severity UniFi OS vulnerability

Source

Where: Global
When: Published July 8, 2026, 04:15 AM ET
What happened: Ubiquiti released fixes for seven critical UniFi OS vulnerabilities, including a maximum-severity command-injection issue affecting UniFi Connect Application. The risk is material because Censys tracks more than 100,000 UniFi OS instances exposed online, and Ubiquiti devices have been repeatedly targeted for botnet and proxy infrastructure.

Edward Kiledjian @ekiledjian