CVE-2026-56841
Severity CVSS v4.0:
Pending analysis
Type:
CWE-89
SQL Injection
Publication date:
02/07/2026
Last modified:
02/07/2026
Description
A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH



