Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 02 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing (CORS) misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session. | |
| Weaknesses | CWE-942 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: hackerone
Published:
Updated: 2026-07-02T15:52:20.711Z
Reserved: 2026-06-16T15:00:01.614Z
Link: CVE-2026-55110
Updated: 2026-07-02T15:41:36.930Z
No data.
No data.
OpenCVE Enrichment
No data.