Nosql-Injection

vulnerabilities 2026-04-06
Ubiquiti UniFi Network Application Hit With CVSS 10 Path Traversal — Unauthenticated Account Takeover Possible
CVE-2026-22557 is a maximum-severity path traversal in Ubiquiti UniFi Network Application that enables unauthenticated full account takeover. Chain it with CVE-2026-22558 for admin escalation. Patch to 10.1.89 immediately.
ubiquiti unifi cve-2026-22557 cve-2026-22558 path-traversal nosql-injection network-infrastructure account-takeover

Ubiquiti UniFi Network Application Hit With CVSS 10 Path Traversal — Unauthenticated Account Takeover Possible