CVE-2026-22559
Received Received - Intake
Improper Input Validation in UniFi Network Server Enables Account Access

Publication date: 2026-03-24

Last updated on: 2026-03-24

Assigner: HackerOne

Description
An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server (Version 10.1.85 and earlier) Mitigation: Update UniFi Network Server to Version 10.1.89 or later.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-14
NVD
CVE-2026-22559
EUVD
EUVD-2026-14988
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ubiquiti unifi_network_server to 10.1.89 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Improper Input Validation issue in the UniFi Network Server. It may allow an attacker to gain unauthorized access to a user's account if the account owner is tricked through social engineering into clicking a malicious link.

Impact Analysis

The vulnerability can lead to unauthorized access to user accounts, potentially compromising sensitive information and control over the affected UniFi Network Server.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

The immediate step to mitigate this vulnerability is to update the UniFi Network Server to Version 10.1.89 or later.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-22559. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart