Security
CISA KEV adds Ubiquiti UniFi OS and Lantronix EDS5000 flaws
- Category: Security
- Status: confirmed
- Sources: CISA KEV catalog
- Summary: The CISA Known Exploited Vulnerabilities catalog advanced to version 2026.06.23 (count 1627). The 2026-06-23 batch added the three Ubiquiti UniFi OS Server flaws (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910; covered in Top stories) plus CVE-2025-67038 in the Lantronix EDS5000 industrial device server. No additional developer-facing CVE was added past the Splunk Enterprise CVE-2026-20253 entry (2026-06-18).
- Why it matters: Network-edge and device-server appliances dominate this batch, where unauthenticated exposure on the management plane is the common risk.
- Follow-up: Watch for further KEV additions and any developer-infrastructure CVEs.