{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-21634", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "state": "PUBLISHED", "assignerShortName": "hackerone", "dateReserved": "2026-01-01T15:00:02.338Z", "datePublished": "2026-01-05T16:47:38.917Z", "dateUpdated": "2026-01-05T20:42:08.706Z"}, "containers": {"cna": {"descriptions": [{"lang": "en", "value": "A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.\r\n\r\n\r\nAffected Products:\r\nUniFi Protect Application (Version 6.1.79 and earlier). \r\n \r\nMitigation:\r\nUpdate your UniFi Protect Application to Version 6.2.72 or later."}], "affected": [{"defaultStatus": "unaffected", "vendor": "Ubiquiti Inc", "product": "UniFi Protect Application", "versions": [{"version": "6.1.79", "status": "affected", "lessThan": "6.2.72", "versionType": "semver"}]}], "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM"}}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2026-01-05T16:47:38.917Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-05T20:42:03.431328Z", "id": "CVE-2026-21634", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-05T20:42:08.706Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-21634", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-05T20:42:03.431328Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-05T20:41:58.555Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}], "affected": [{"vendor": "Ubiquiti Inc", "product": "UniFi Protect Application", "versions": [{"status": "affected", "version": "6.1.79", "lessThan": "6.2.72", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9"}], "descriptions": [{"lang": "en", "value": "A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.\r\n\r\n\r\nAffected Products:\r\nUniFi Protect Application (Version 6.1.79 and earlier). \r\n \r\nMitigation:\r\nUpdate your UniFi Protect Application to Version 6.2.72 or later."}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2026-01-05T16:47:38.917Z"}}}, "cveMetadata": {"cveId": "CVE-2026-21634", "state": "PUBLISHED", "dateUpdated": "2026-01-05T20:42:08.706Z", "dateReserved": "2026-01-01T15:00:02.338Z", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "datePublished": "2026-01-05T16:47:38.917Z", "assignerShortName": "hackerone"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*", "matchCriteriaId": "F58979E4-F426-4E50-BF77-7A94200D0357", "versionEndExcluding": "6.2.72", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A malicious actor with access to the adjacent network could overflow the UniFi Protect Application (Version 6.1.79 and earlier) discovery protocol causing it to restart.\r\n\r\n\r\nAffected Products:\r\nUniFi Protect Application (Version 6.1.79 and earlier). \r\n \r\nMitigation:\r\nUpdate your UniFi Protect Application to Version 6.2.72 or later."}], "id": "CVE-2026-21634", "lastModified": "2026-01-30T01:23:13.440", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "support@hackerone.com", "type": "Secondary"}]}, "published": "2026-01-05T17:15:47.243", "references": [{"source": "support@hackerone.com", "tags": ["Vendor Advisory"], "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T16:58:00.412028+00:00", "value": {"mitigation_remediation": ["Upgrade UniFi Protect to at least version\u00a06.2.72 to remove the overflow flaw.", "Restrict network access to the UniFi Protect environment by implementing VLAN segmentation or firewall rules that block discovery traffic from adjacent networks.", "Monitor system logs for repeated discovery attempts and review network traffic for abnormal patterns that could indicate exploitation attempts."], "summary": {"action": "Immediate Patch", "impact": "Denial of Service via Buffer Overflow"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Ubiquiti Inc\u2019s UniFi Protect Application running version 6.1.79 and all earlier releases. Users of this product should verify their deployment version to determine applicability.", "description_and_impact": "A buffer overflow exists in the UniFi Protect Application\u2019s discovery protocol that, when triggered by a crafted packet, causes the application to reboot. This flaw exploits improper bounds checking (CWE\u2011119) and results in a loss of service rather than compromising data confidentiality or integrity.", "risk_and_exploitability": "The CVSS score of 6.5 reflects a moderate severity, while the EPSS score of less than 1\u202f% indicates a very low likelihood of exploitation in the wild. The flaw is not listed in the CISA KEV catalog, suggesting no publicly known exploit activity. The attacker must be on the same local network or have sufficient network proximity to send the malformed discovery packet, making the attack vector likely to be adjacent network access."}}}}, "created": "2026-01-06T14:16:46.583006+00:00", "title": "Buffer Overflow in UniFi Protect Discovery Protocol Causes Application Restart", "updated": "2026-04-18T17:00:05.577493+00:00", "vendors": ["ubiquiti", "ubiquiti$PRODUCT$protect_application"]}