CVE-2025-53594 Qfinder Pro, Qsync, QVPN

🗓️ 02 Jan 2026 15:18:26Reported by qnapType

CVE-2025-53594 path traversal lets attackers read files or system data; fixed in mac releases.

Reporter	Title	Published	Views	Family All 7
CNNVD	QNAP Systems多款产品安全漏洞	2 Jan 202600:00	–	cnnvd
CVE	CVE-2025-53594	2 Jan 202615:18	–	cve
EUVD	EUVD-2026-0665	2 Jan 202615:18	–	euvd
NVD	CVE-2025-53594	2 Jan 202616:16	–	nvd
Positive Technologies	PT-2026-1094	2 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-53594	3 Jan 202615:54	–	redhatcve
Vulnrichment	CVE-2025-53594 Qfinder Pro, Qsync, QVPN	2 Jan 202615:18	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "Qfinder Pro Mac",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "7.13.0",
        "status": "affected",
        "version": "7.13.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Qsync for Mac",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.1.5",
        "status": "affected",
        "version": "5.1.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QVPN Device Client for Mac",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "2.2.8",
        "status": "affected",
        "version": "2.2.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-25-55

02 Jan 2026 15:18Current

CVSS 47.3

EPSS0.00004

path traversal Qfinder Pro Qsync QVPN Mac mac fixes