CVE-2026-24717 QTS, QuTS hero

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...

CVE-2025-52428

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

CVE-2025-52859

CVE-2025-52859 affects QNAP QTS and QuTS hero. A NULL pointer dereference has been reported to enable a remote attacker with administrator privileges to cause a denial-of-service (DoS). The vulnerability impacts multiple QNAP OS versions, with confirmed mitigation in: QTS 5.2.6.3195 build 2025071...

QSAN Storage Manager 安全漏洞

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A directory traversal vulnerability exists in QSAN Storage Manager version 3.3.1 build 202101041800 and earlier versions, which can be exploited by an attacker to traverse files in an arbitrary directory...