Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-26241 |
|
Vulnerability in qnap (CVE-2026-26241)
vulnerability in qnap (CVE-2026-26241). Data can be tampered with by attackers.
|
| CVE-2026-26240 |
|
Vulnerability in qnap (CVE-2026-26240)
vulnerability in qnap (CVE-2026-26240). Data can be tampered with by attackers.
|
| CVE-2026-26239 |
|
Vulnerability in qnap (CVE-2026-26239)
vulnerability in qnap (CVE-2026-26239). Data can be tampered with by attackers.
|
| CVE-2026-26237 |
|
Vulnerability in qnap (CVE-2026-26237)
vulnerability in qnap (CVE-2026-26237). Confidential information can be exposed externally.
|
| CVE-2026-24724 |
|
Authorization Flaw in qnap (CVE-2026-24724)
vulnerability in qnap (CVE-2026-24724). Confidential information can be exposed externally.
|
| CVE-2026-24720 |
|
Vulnerability in qnap (CVE-2026-24720)
vulnerability in qnap (CVE-2026-24720). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24719 |
|
OS Command Injection in qnap (CVE-2026-24719)
OS command injection in qnap (CVE-2026-24719). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24717 |
|
Path Traversal in path-traversal (CVE-2026-24717)
path traversal in path-traversal (CVE-2026-24717). Confidential information can be exposed externally.
|
| CVE-2026-24716 |
|
Vulnerability in dos (CVE-2026-24716)
vulnerability in dos (CVE-2026-24716). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22899 |
|
Vulnerability in dos (CVE-2026-22899)
vulnerability in dos (CVE-2026-22899). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22893 |
|
OS Command Injection in qnap (CVE-2026-22893)
OS command injection in qnap (CVE-2026-22893). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66281 |
|
Vulnerability in dos (CVE-2025-66281)
vulnerability in dos (CVE-2025-66281). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66273 |
|
OS Command Injection in qnap (CVE-2025-66273)
OS command injection in qnap (CVE-2025-66273). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66279 |
|
OS Command Injection in qnap (CVE-2025-66279)
OS command injection in qnap (CVE-2025-66279). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66280 |
|
Vulnerability in qnap (CVE-2025-66280)
vulnerability in qnap (CVE-2025-66280). Successful exploitation can lead to full system takeover.
|
| CVE-2025-62851 |
|
Path Traversal in path-traversal (CVE-2025-62851)
path traversal in path-traversal (CVE-2025-62851). Confidential information can be exposed externally.
|
| CVE-2025-62850 |
|
Vulnerability in dos (CVE-2025-62850)
vulnerability in dos (CVE-2025-62850). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66276 |
|
Vulnerability in qnap (CVE-2025-66276)
vulnerability in qnap (CVE-2025-66276). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44083 |
|
Vulnerability in qnap (CVE-2026-44083)
vulnerability in qnap (CVE-2026-44083). Successful exploitation can lead to full system takeover.
|
| CVE-2025-62858 |
|
Vulnerability in qnap (CVE-2025-62858)
vulnerability in qnap (CVE-2025-62858). Data can be tampered with by attackers.
|
| CVE-2026-41539 |
|
Cross-Site Scripting (XSS) in qnap (CVE-2026-41539)
cross-site scripting in qnap (CVE-2026-41539). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-26236 |
|
Vulnerability in qnap (CVE-2026-26236)
vulnerability in qnap (CVE-2026-26236). Confidential information can be exposed externally.
|
| CVE-2026-22895 |
|
Cross-Site Scripting (XSS) in qnap (CVE-2026-22895)
cross-site scripting in qnap (CVE-2026-22895). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66274 |
|
Vulnerability in dos (CVE-2025-66274)
vulnerability in dos (CVE-2025-66274). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-59381 |
|
Path Traversal in path-traversal (CVE-2025-59381)
path traversal in path-traversal (CVE-2025-59381). Confidential information can be exposed externally.
|
| CVE-2023-47565 KEV |
|
[KEV] OS Command Injection in Qnap viostor-nvr (CVE-2023-47565)
OS command injection in Qnap viostor-nvr (CVE-2023-47565). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-27593 KEV |
|
[KEV] Vulnerability in Qnap photo-station (CVE-2022-27593)
vulnerability in Qnap photo-station (CVE-2022-27593). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7195 KEV |
|
[KEV] Path Traversal in Qnap photo-station (CVE-2019-7195)
path traversal in Qnap photo-station (CVE-2019-7195). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7194 KEV |
|
[KEV] Path Traversal in Qnap photo-station (CVE-2019-7194)
path traversal in Qnap photo-station (CVE-2019-7194). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7193 KEV |
|
[KEV] Vulnerability in Qnap qts (CVE-2019-7193)
vulnerability in Qnap qts (CVE-2019-7193). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7192 KEV |
|
[KEV] Authorization Flaw in Qnap photo-station (CVE-2019-7192)
vulnerability in Qnap photo-station (CVE-2019-7192). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19953 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Qnap network-attached-storage-nas (CVE-2018-19953)
cross-site scripting in Qnap network-attached-storage-nas (CVE-2018-19953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19949 KEV |
|
[KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949)
vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19943 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Qnap network-attached-storage-nas (CVE-2018-19943)
cross-site scripting in Qnap network-attached-storage-nas (CVE-2018-19943). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-2509 KEV |
|
[KEV] Command Injection in qnap (CVE-2020-2509)
command injection in qnap (CVE-2020-2509). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-28799 KEV |
|
[KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2021-28799)
vulnerability in Qnap network-attached-storage-nas (CVE-2021-28799). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-17031 |
|
Buffer Overflow in qnap (CVE-2017-17031)
vulnerability in qnap (CVE-2017-17031). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17030 |
|
Buffer Overflow in qnap (CVE-2017-17030)
vulnerability in qnap (CVE-2017-17030). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17032 |
|
Buffer Overflow in qnap (CVE-2017-17032)
vulnerability in qnap (CVE-2017-17032). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17033 |
|
Buffer Overflow in qnap (CVE-2017-17033)
vulnerability in qnap (CVE-2017-17033). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17029 |
|
Buffer Overflow in qnap (CVE-2017-17029)
vulnerability in qnap (CVE-2017-17029). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17028 |
|
Buffer Overflow in qnap (CVE-2017-17028)
vulnerability in qnap (CVE-2017-17028). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17027 |
|
Buffer Overflow in qnap (CVE-2017-17027)
vulnerability in qnap (CVE-2017-17027). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13070 |
|
Vulnerability in qnap (CVE-2017-13070)
vulnerability in qnap (CVE-2017-13070). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13071 |
|
Command Injection in qnap (CVE-2017-13071)
command injection in qnap (CVE-2017-13071). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13069 |
|
Command Injection in qnap (CVE-2017-13069)
command injection in qnap (CVE-2017-13069). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13068 |
|
SQL Injection in sqli (CVE-2017-13068)
SQL injection in sqli (CVE-2017-13068). Confidential information can be exposed externally.
|
| CVE-2017-10700 |
|
Vulnerability in qnap (CVE-2017-10700)
vulnerability in qnap (CVE-2017-10700). Successful exploitation can lead to full system takeover.
|
| CVE-2017-13067 |
|
Vulnerability in qnap (CVE-2017-13067)
vulnerability in qnap (CVE-2017-13067). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12582 |
|
Vulnerability in qnap (CVE-2017-12582)
vulnerability in qnap (CVE-2017-12582). Successful exploitation can lead to full system takeover.
|