Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authentication.
The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in May and impact UniFi OS Server versions 5.0.6 and earlier.
While all three flaws received the maximum severity rating despite their exploitation requiring access to the network, the vendor's advisory did not mention that they could be chained for remote code execution.
CVE-2026-34908 is an improper access control flaw that can allow unauthorized changes to vulnerable systems
CVE-2026-34909 is a path traversal vulnerability that can expose files on the underlying operating system
