Overview
Ubiquiti have published information about critical and high-severity vulnerabilities affecting the UniFi Network Application. The vulnerabilities identified include a path traversal that can expose and manipulate underlying system files leading to account takeover, and an authenticated NoSQL injection enabling privilege escalation. Updates are available in 10.1.89/10.2.97 and UniFi Express firmware 4.0.13 (Network App 9.0.118) or later.
- CVE-2026-22557: Path Traversal in UniFi Network Application (CVSSv3 10.0). Affected versions: <= 10.1.85 (Official), <= 10.2.93 (Release Candidate), <= 9.0.114 (UniFi Express)
- CVE-2026-22558: Authenticated NoSQL Injection in UniFi Network Application (CVSSv3 7.7). Affected versions: <= 10.1.85, <= 10.2.93, <= 9.0.114
Angular have published information about a high-severity vulnerability affecting the framework’s i18n attribute handling. This vulnerability can bypass built-in sanitisation mechanisms and enable cross-site scripting (XSS), which can allow the attacker to execute unauthorised actions on behalf of the user. Upgrades are available in 19.2.20, 20.3.18, 21.2.4, or 22.0.0-next.3, depending on the release train in use.
- CVE-2026-32635: Cross-Site Scripting (XSS) via i18n Attribute Binding in Angular (CVSSv3 8.6). Affected versions:
@angular/compiler –
- >= 22.0.0-next.0 < 22.0.0-next.3
- >= 21.0.0-next.0 < 21.2.4
- >= 20.0.0-next.0 < 20.3.18
- >= 19.0.0-next.0 < 19.2.20
- >= 17.0.0-next.0 <= 18.2.14
@angular/core –
- >= 22.0.0-next.0 < 22.0.0-next.3
- >= 21.0.0-next.0 < 21.2.4
- >= 20.0.0-next.0 < 20.3.18
- >= 19.0.0-next.0 < 19.2.20
- >= 17.0.0-next.0 <= 18.2.14
Cisco have published information about a critical vulnerability affecting Secure Firewall Management Center (FMC) and Security Cloud Control (SCC). The vulnerability could allow unauthenticated remote code execution and privilege elevation to root. Cisco notes no workarounds, and reports indicate active exploitation. Patch immediately per Cisco’s advisory.
- CVE-2026-20131: Cisco Secure Firewall Management Center Software Remote Code Execution (CVSSv3 10.0). Affected versions: All configurations of Cisco Secure FMC Software and Cisco Security Cloud Control (SCC)
Oracle have published information about a critical vulnerability affecting Fusion Middleware. The vulnerability is found in Oracle Identity Manager (REST WebServices) and Oracle Web Services Manager (Web Services Security). It can be exploited by an unauthenticated attacker with network access via HTTP, which could lead to remote code execution and a full product takeover. Oracle has issued an out-of-band security alert with patches that should be applied as soon as possible.
- CVE-2026-21992: Oracle Fusion Middleware REST and Web Services Manager Unauthenticated Remote Takeover (CVSSv3 9.8). Affected versions: = 12.2.1.4.0, = 14.1.2.1.0
Recommended Action
Organisations are encouraged to review the appropriate security advisory pages and apply the updates:
Ubiquiti - Security Advisory Bulletin 062 | Ubiquiti Community
Angular - XSS in i18n attribute bindings · Advisory · angular/angular · GitHub
Cisco - Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability
Oracle - Oracle Security Alert Advisory - CVE-2026-21992
If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.