CVE-2026-26240

CVE-2026-26240 is a bufferoverflow in File Station 5. The vulnerability could allow a remote attacker to modify memory or crash processes. Public metrics show a high impact on integrity and availability with network attack vector and no user interaction required. The issue has been addressed in F...

EUVD-2026-35983

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

CVE-2026-26241 File Station 5

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

CVE-2026-26241

CVE-2026-26241 affects File Station 5; a buffered overflow in a component of File Station 5. Exploitation could crash or modify memory, with impact described as high on integrity and availability (per CVSS data). A fix is available in File Station 5 5.5.6.5243 and later. Public details across con...

CVE-2026-26241 File Station 5

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

EUVD-2026-35980

An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.52...

CVE-2026-26239

CVE-2026-26239 affects QNAP File Station 5. A buffer overflow vulnerability could be triggered when a remote attacker who has a user account gains access to the system, allowing memory modification or process crashes. The issue has been fixed in File Station 5 version 5.5.6.5208 and later. The pu...

CVE-2026-24720 File Station 5

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

CVE-2026-22899 File Station 5

A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...

PT-2026-48376

Name of the Vulnerable Software and Affected Versions Synology File Station 5 versions prior to 5.5.6.5243 Description A buffer overflow occurs, which allows remote attackers to modify memory or cause processes to crash. A buffer overflow is a condition where a program writes more data to a memor...

PT-2026-48377

Name of the Vulnerable Software and Affected Versions File Station 5 versions prior to 5.5.6.5243 Description A buffer overflow occurs, which is a condition where a program writes more data to a block of memory than it is allocated to hold. Remote attackers can exploit this issue to modify memory...

CVE-2025-62856

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File...

CVE-2025-66278

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...

CVE-2026-22894

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...

CVE-2025-62856

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File...

CVE-2025-57713

A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later...

CVE-2025-54169

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later...

CVE-2025-54161 File Station 5

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

CVE-2025-54163 File Station 5

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Statio...

CVE-2025-54169

CVE-2025-54169 affects File Station 5. A remote attacker who has a user account can exploit an out-of-bounds read to access secret data. The vulnerability is characterized by NETWORK attack vector, low attack complexity, and no user interaction, with a CVSS v4.0 base score of 7.1 (HIGH). The impa...