CVE-2026-21638
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th
A malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airMAX Wireless Protocol to achieve a remote code execution (RCE) within the affected product. Affected Products: UBB-XG (Version 1.2.2 and earlier) UDB-Pro/UDB-Pro-Sector (Version 1.4.1 and earlier) UBB (Version 3.1.5 and earlier) Mitigation: Update your UBB-XG to Version 1.2.3 or later. Update your UDB-Pro/UDB-Pro-Sector to Version 1.4.2 or later. Update your UBB to Version 3.1.7 or later.
| Vendor | ubiquiti inc |
| Product | ubb-xg |
| Published | Jan 8, 2026 |
| Last Updated | Feb 26, 2026 |
Stay Ahead of the Next One
Get instant alerts for ubiquiti inc ubb-xg
Be the first to know when new high vulnerabilities affecting ubiquiti inc ubb-xg are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Ubiquiti Inc / UBB-XG
0 < 1.2.3
Ubiquiti Inc / UDB-Pro/UDB-Pro-Sector
0 < 1.4.2
Ubiquiti Inc / UBB
0 < 3.1.7