CVE Catalog

CVE-2026-55115

CriticalCVSS 9.9
Published: Updated: Translated: NVD NIST

Summary

An SSRF vulnerability in UniFi Protect Application allows an attacker with network access and low privileges to escalate privileges on the host device.

Risk Assessment

The organization is at risk of host device takeover by an attacker, potentially leading to data confidentiality and integrity breaches.

Recommendation

Immediately update UniFi Protect Application to the latest version and restrict network access to trusted users only.

Original NVD description (English source)

A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) in UniFi Protect Application to escalate privileges on the host device.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS