Qnap Security Vulnerabilities (CVEs)
Track 239 security vulnerabilities affecting Qnap products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes a link following vulnerability in QNAP operating systems that allows remote attackers to traverse the file system to unintended loc...
Feb 11, 2026A path traversal vulnerability in QNAP File Station 5 allows local attackers with administrator privileges to read arbitrary files and system data. Th...
Feb 11, 2026A path traversal vulnerability in QNAP File Station 5 allows authenticated attackers to read arbitrary files on the system. This affects QNAP NAS devi...
Feb 11, 2026A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service c...
Feb 11, 2026An uncontrolled resource consumption vulnerability in QNAP File Station 5 allows authenticated remote attackers to cause denial-of-service conditions....
Feb 11, 2026This vulnerability in Qsync Central allows authenticated administrators to allocate resources without limits, potentially causing denial of service by...
Feb 11, 2026A relative path traversal vulnerability in Qsync Central allows authenticated attackers to read arbitrary files on the system. This affects all Qsync ...
Feb 11, 2026A path traversal vulnerability in Qsync Central allows authenticated attackers to read arbitrary files on the system. This affects all Qsync Central i...
Feb 11, 2026This vulnerability in Qsync Central allows authenticated attackers with administrator privileges to allocate system resources without limits, potentia...
Feb 11, 2026A use of uninitialized variable vulnerability in QNAP operating systems allows attackers with administrator access to cause denial of service or manip...
Feb 11, 2026This vulnerability in Qsync Central allows authenticated remote attackers to perform resource exhaustion attacks by allocating resources without limit...
Feb 11, 2026A buffer overflow vulnerability in Qsync Central allows authenticated remote attackers to modify memory or crash processes. This affects all Qsync Cen...
Feb 11, 2026This path traversal vulnerability in QNAP File Station 5 allows authenticated administrators to read arbitrary files on the system. Attackers who comp...
Feb 11, 2026An out-of-bounds read vulnerability in QNAP File Station 5 allows authenticated remote attackers to read sensitive memory contents. This affects users...
Feb 11, 2026A static code injection vulnerability in QNAP File Station 5 allows authenticated attackers to access restricted files and data. This affects users of...
Feb 11, 2026A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to cause denial-of-service conditions. This affects or...
Feb 11, 2026An uncontrolled resource consumption vulnerability in Qsync Central allows local attackers with user accounts to launch denial-of-service attacks by e...
Feb 11, 2026An uncontrolled resource consumption vulnerability in Qsync Central allows local attackers with user accounts to launch denial-of-service attacks by e...
Feb 11, 2026This vulnerability in QNAP File Station 5 allows a remote attacker with administrator credentials to allocate system resources without limits, potenti...
Feb 11, 2026A buffer overflow vulnerability in Qsync Central allows authenticated remote attackers to modify memory or crash processes. This affects all Qsync Cen...
Feb 11, 2026A NULL pointer dereference vulnerability in Qsync Central allows remote attackers with valid user credentials to cause a denial-of-service condition. ...
Feb 11, 2026A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to cause denial-of-service conditions. This affects or...
Feb 11, 2026An out-of-bounds write vulnerability in Qsync Central allows authenticated remote attackers to modify or corrupt memory. This affects QNAP Qsync Centr...
Feb 11, 2026A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to cause denial-of-service conditions. This affects or...
Feb 11, 2026A buffer overflow vulnerability in Qsync Central allows authenticated remote attackers to modify memory or crash processes. This affects all QNAP Qsyn...
Feb 11, 2026A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects user...
Feb 11, 2026A NULL pointer dereference vulnerability in Qsync Central allows authenticated remote attackers to cause denial-of-service conditions. This affects or...
Feb 11, 2026An out-of-bounds read vulnerability in QNAP Media Streaming add-on allows attackers with local network access to read sensitive memory contents. This ...
Feb 11, 2026This CVE-2025-9110 vulnerability allows remote attackers to read sensitive system information from affected QNAP devices without authorization. Attack...
Jan 2, 2026A path traversal vulnerability in QNAP operating systems allows authenticated administrators to read arbitrary files. This affects QNAP NAS devices ru...
Jan 2, 2026A path traversal vulnerability in Qfiling allows remote attackers to read arbitrary files on the system by manipulating file paths. This affects all Q...
Jan 2, 2026An SQL injection vulnerability in Hyper Data Protector allows remote attackers to execute unauthorized SQL commands. This affects all systems running ...
Jan 2, 2026A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modify memory or crash processes. ...
Jan 2, 2026This vulnerability in QNAP HBS 3 Hybrid Backup Sync allows error messages to expose sensitive application data. Attackers with local network access ca...
Jan 2, 2026This vulnerability in QNAP HBS 3 Hybrid Backup Sync allows attackers with local network access to manipulate file paths, potentially reading or modify...
Jan 2, 2026A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modify memory or crash processes. ...
Jan 2, 2026An out-of-bounds read vulnerability in QNAP License Center allows authenticated remote attackers to read sensitive memory contents. This affects users...
Jan 2, 2026A buffer overflow vulnerability in QNAP License Center allows authenticated administrators to modify memory or crash processes. This affects systems r...
Jan 2, 2026This CVE describes a path traversal vulnerability in QNAP operating systems that allows authenticated attackers with administrator privileges to read ...
Jan 2, 2026This critical vulnerability in Malware Remover allows remote attackers to bypass security protections through improper code generation control. Attack...
Jan 2, 2026An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to read sensitive memory data. Th...
Jan 2, 2026This CVE describes a resource allocation vulnerability in QNAP operating systems where an authenticated attacker with administrator privileges can exh...
Jan 2, 2026A cross-site scripting (XSS) vulnerability in QuMagie allows remote attackers to inject malicious scripts that execute in users' browsers. This affect...
Jan 2, 2026A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modify memory or crash processes. ...
Jan 2, 2026A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service c...
Jan 2, 2026An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to read sensitive memory data. Th...
Jan 2, 2026An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to read sensitive memory contents...
Jan 2, 2026A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service c...
Jan 2, 2026A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service c...
Jan 2, 2026A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service c...
Jan 2, 2026Why Monitor Qnap Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 239+ known vulnerabilities affecting Qnap products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Qnap packages in under 60 seconds. No agents required - completely agentless scanning that works across Qnap deployments.
Free vulnerability database: Access detailed information about every Qnap CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Qnap CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
