{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-22557/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["unifi","path-traversal","nosql-injection","cve-2026-22557","cve-2026-22558"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eThe UniFi Network Application, a central platform for managing network devices across enterprise and SMB environments, is affected by two critical vulnerabilities: CVE-2026-22557 (Path Traversal) and CVE-2026-22558 (Authenticated NoSQL Injection). These vulnerabilities impact Official Release versions 10.1.85 and earlier, Release Candidate versions 10.2.93 and earlier, and UniFi Express (UX) versions 9.0.114 and earlier. Exploitation of CVE-2026-22557 enables attackers to access and manipulate…\u003c/p\u003e\n","date_modified":"2026-03-21T12:00:00Z","date_published":"2026-03-21T12:00:00Z","id":"/briefs/2026-03-unifi-vulns/","summary":"A combination of path traversal (CVE-2026-22557) and NoSQL injection (CVE-2026-22558) vulnerabilities in the UniFi Network Application allows attackers to access files, escalate privileges, and potentially compromise the entire system.","title":"UniFi Network Application Vulnerabilities CVE-2026-22557 and CVE-2026-22558","url":"https://feed.craftedsignal.io/briefs/2026-03-unifi-vulns/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-22557","version":"https://jsonfeed.org/version/1.1"}