CVE Catalog

CVE-2026-55113

High · CVSS 7.5
Summary

An SSRF vulnerability in UniFi Talk Application allows an attacker with network access to perform a DoS attack and bypass authentication on certain API endpoints.

Risk Assessment

The organization risks service disruption of UniFi Talk and unauthorized access to sensitive API functions, potentially leading to data leakage or further attacks.

Recommendation

Immediately update UniFi Talk Application to the latest patched version and restrict network access to trusted hosts.

Original NVD description (English source)

A malicious actor with access to the network could exploit a Server-Side Request Forgery (SSRF) vulnerability found in UniFi Talk Application to execute a Denial of Service (DoS) attack and bypass authentication in certain UniFi Talk API endpoints.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS