What is CVE-2026-50746?
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device.
Timeline
- 2026-07-02Published to the U.S. National Vulnerability Database (NVD)
- 2026-07-09First covered in a defend.network daily briefing
Affected product
See advisory
Remediation Steps
- Update Ubiquiti UniFi Connect to the latest available version from Ubiquiti
- Also patch UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS as they contain related critical vulnerabilities
- Verify successful application of all security updates
- Monitor for unauthorized privilege escalation or command execution attempts
References
Referenced in our briefings & reports
Browse all tracked CVEs in the defend.network CVE database →
🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.