CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

CVE-2026-2237

CVE-2026-2237 : A vulnerability in the Synology Storage Manager package (volume encryption) prior to version 1.0.1-1100 arises from using GET requests with sensitive query strings. This allows a local attacker to read sensitive information. Documents identify the affected component as the Storage...

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

EUVD-2026-32153

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local attackers to obtain sensitive information...

CVE-2026-2237

A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive information...

Synology Safe Access 跨站脚本漏洞

Synology Safe Access is a network access control and parental monitoring system developed by Synology, a Chinese company. Versions of Synology Safe Access prior to 1.3.1-0329 contained a cross-site scripting vulnerability. This vulnerability stemmed from the cross-site scripting feature in the...

PT-2026-43592

Name of the Vulnerable Software and Affected Versions Synology Storage Manager versions prior to 1.0.1-1100 Description A flaw in the volume encryption component allows local attackers to obtain sensitive information. This occurs because the application uses the GET request method with sensitive...

EUVD-2026-23217

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-23772

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-23772

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2026-23772

CVE-2026-23772 affects Dell Storage Manager – Replay Manager for Microsoft Servers, version 8.0. The vulnerability is described as an Improper Privilege Management that could enable Elevation of Privileges by a low-privileged attacker with local access. The CVSS‑3.1 base score is 7.3 (HIGH). Dell...

CVE-2026-23772

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

Dell Storage Manager 安全漏洞

Dell Storage Manager is a centralized storage management platform developed by the American company Dell. It supports the configuration, monitoring, and automated maintenance of a full range of Dell EMC storage systems. Version 8.0 of Dell Storage Manager contains a security vulnerability, which...

PT-2026-33299

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

EUVD-2026-11367

StudioCMS S3 Storage Manager Authorization Bypass via Missing await on Async Auth Check...

StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check

Summary The S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in JavaScript, !isAuthorizedtype always evaluates to false, completely bypassing the authorization check...

CVE-2026-32101

CVE-2026-32101 affects StudioCMS S3 Storage Manager prior to version 0.3.1. The isAuthorized() function is async but is called without await in both the POST and PUT handlers, causing the authorization check to always evaluate to bypass due to Promise objects being truthy. As a result, any authen...

CVE-2026-32101 StudioCMS S3 Storage Manager Authorization Bypass via Missing `await` on Async Auth Check

StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized function is declared async returns Promise but is called without await in both the POST and PUT handlers. Since a Promise object is always truthy in...