Ubiquiti, Ghost CMS, and Cisco Patch Critical Vulnerabilities

Ubiquiti patched three vulnerabilities affecting its networking devices, though specific CVE IDs or technical details were not disclosed. Ghost CMS confirmed active exploitation of an SQL injection (SQLi) flaw, with attackers targeting unpatched instances. Cisco released fixes for a critical CVSS 10-rated vulnerability, though the affected product and CVE identifier were not specified in the report. The patches address risks including remote code execution, unauthorized access, or system compromise. All updates were released on or before May 26, 2026, with no additional attack scope or victim details provided. The vulnerabilities impact enterprise and consumer-grade hardware and content management systems.