CVE: CVE-2026-50746 (UniFi Connect), CVE-2026-50747 (UniFi Talk), CVE-2026-50748 (UniFi Access) | CVSS Range: 9.9 – 10.0 (Critical) | Vendor: Ubiquiti | Product: UniFi Connect, UniFi Talk, UniFi Access Applications | Affected: Connect up to 3.4.16, Talk up to 5.1.2, Access affected versions per advisory
What Is the Vulnerability
Ubiquiti has released security updates addressing three new critical vulnerabilities across its UniFi application portfolio. CVE-2026-50746 (UniFi Connect, CVSS 10.0): An improper access control vulnerability allowing an attacker with network access to execute command injection on the host device. CVE-2026-50747 (UniFi Talk, CVSS 9.9): A series of authenticated SQL injection vulnerabilities enabling privilege escalation. CVE-2026-50748 (UniFi Access, CVSS 9.9): An improper input validation vulnerability enabling command injection. These join the 11 UniFi OS CVEs disclosed on July 8, bringing the total to 14 new critical UniFi vulnerabilities in two days.
Versions Affected
- UniFi Connect Application: versions 3.4.16 and earlier (fixed in 3.4.20)
- UniFi Talk Application: versions 5.1.2 and earlier (fixed in 5.2.2)
- UniFi Access Application: affected versions per advisory
Exploited?
No confirmed exploitation reported at time of publication. Ubiquiti released patches proactively. Given the severity (CVSS 10.0 in UniFi Connect) and the pattern of broad exploitation of Ubiquiti vulnerabilities, organisations should treat this as urgent.
Fix
Ubiquiti has released updated versions for each affected application.
- UniFi Connect: Update to version 3.4.20 or later.
- UniFi Talk: Update to version 5.2.2 or later.
- UniFi Access: Apply the latest patched version per advisory.
Recommendations
- Patch all UniFi applications: Apply updates across Connect, Talk, Access, plus the previously disclosed OS and Protect vulnerabilities.
- Total 14 CVEs: This is the third disclosure wave in as many days — treat all Ubiquiti UniFi patches as a single coordinated update.
- Restrict network access: Ensure UniFi application management interfaces are not exposed to untrusted networks.
References
- The Hacker News: Ubiquiti UniFi updates
- Ubiquiti Security Advisories (Connect, Talk, Access)
Part of the Vulnerability Intelligence series on threat-modeling.com. July 9, 2026 Report.
