qnap

613 tracked vulnerabilities.

CVE-2025-48725 HIGH
QNAP QTS and QuTS hero - Authenticated Buffer Overflow
Feb 11, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-48724 HIGH
Qsync Central <5.0.0.4 - Buffer Overflow
Feb 11, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-48723 HIGH
Qsync Central <5.0.0.4 - Buffer Overflow
Feb 11, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-48722 MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via NULL Pointer Dereference
Feb 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-47209 MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via NULL Pointer Dereference
Feb 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-47205 MEDIUM
QNAP QTS and QuTS hero - Denial of Service via NULL Pointer Dereference
Feb 11, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-30276 HIGH
Qsync Central <5.0.0.4 - Memory Corruption
Feb 11, 2026
CVSS 8.8
EPSS 0.00
CVE-2025-30269 HIGH
Qsync Central <5.0.0.4 - Memory Corruption
Feb 11, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-30266 MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via NULL Pointer Dereference
Feb 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-9110 HIGH
QNAP QTS and QuTS hero - Exposure of Sensitive System Information
Jan 02, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-62852 MEDIUM
QNAP QTS and QuTS hero - Stack-based Buffer Overflow
Jan 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-62842 HIGH
HBS 3 Hybrid Backup Sync <26.2.0.938 - Path Traversal
Jan 02, 2026
CVSS 7.8
EPSS 0.00
CVE-2025-62840 LOW
HBS 3 Hybrid Backup Sync < 26.2.0.938 - Information Disclosure via Error Message
Jan 02, 2026
CVSS 3.3
EPSS 0.00
CVE-2025-59389 CRITICAL
QNAP Hyper Data Protector < 2.2.4.1 - SQL Injection
Jan 02, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-59384 HIGH
Qfiling - Path Traversal
Jan 02, 2026
CVSS 7.5
EPSS 0.00
CVE-2025-59381 MEDIUM
QNAP QTS and QuTS hero - Authenticated Path Traversal
Jan 02, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-59380 MEDIUM
QNAP QTS and QuTS hero - Authenticated Path Traversal
Jan 02, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-53597 MEDIUM
License Center <2.0.36 - Buffer Overflow
Jan 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-52871 MEDIUM
QNAP License Center 2.0.17-2.0.35 - Authenticated Out-of-Bounds Read
Jan 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-48721 MEDIUM
QNAP QTS - Authenticated Stack-based Buffer Overflow
Jan 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-11837 CRITICAL
QNAP Malware Remover < 6.6.8.20251023 - Code Injection
Jan 02, 2026
CVSS 9.8
EPSS 0.00
CVE-2025-62857 MEDIUM
QuMagie 2.0.0-2.8.0 - Cross-Site Scripting
Jan 02, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-57705 MEDIUM
QNAP QTS and QuTS hero - Resource Exhaustion via Administrator Account
Jan 02, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-54166 MEDIUM
QNAP QTS and QuTS hero - Authenticated Out-of-bounds Read
Jan 02, 2026
CVSS 4.9
EPSS 0.00
CVE-2025-54165 MEDIUM
QNAP QTS and QuTS hero - Authenticated Out-of-bounds Read
Jan 02, 2026
CVSS 4.9
EPSS 0.00
Products
qts 272 quts_hero 223 qsync_central 62 qutscloud 62 file_station 48 photo_station 26 video_station 15 media_streaming_add-on 13 music_station 13 qurouter 12 helpdesk 11 qumagie 10 qvr 10 qulog_center 8 nas_proxy_server 7 q\'center 7 hybrid_backup_sync 6 notes_station_3 6 qvr_pro 6 license_center 5 multimedia_console 5 qunetswitch 5 qvr_elite 5 qvr_guard 5 qes 4 download_station 3 qcalagent 3 qufirewall 3 qvp-21a_firmware 3 qvp-41a_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV