Ubiquiti’s UniFi Network Application contains a critical CVSS 9.8 authentication or session management flaw (CWE-287/CWE-384) that may allow unauthenticated remote attackers to take over user accounts, potentially granting full administrative control over managed network infrastructure. A CVE is pending assignment and an emergency patch has been issued; no active exploitation or public proof-of-concept has been reported at time of publication. Immediate priorities: apply the emergency patch per Ubiquiti Security Advisory Bulletin 062, terminate and force re-authentication of all active sessions post-patch, and restrict management interface access to trusted IP ranges.