CVE 8.7 HIGH

QuMagie_CVE-2026-44083

June 9, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges.

We have already fixed the vulnerability in the following version:
QuMagie 2.9.1 and later

AI Analysis

Authorization bypass vulnerability allowing remote attackers to gain unintended privileges

Basic Information

ID CVE-2026-44083

Source qnap

Published Jun 9, 2026 at 06:20

Affected Product

Vendor QNAP Systems Inc.

Product QuMagie

Version 2.9.0

Affected Versions QNAP Systems Inc. QuMagie 2.9.0

CWE Classification

CWE-639

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor QNAP Systems Inc.

Product QuMagie

Version 2.9.0

References

www.qnap.com /en/security-advisory/qsa-26-35

{
    "lastseen": "",
    "description": "An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to gain unintended privileges.\n\nWe have already fixed the vulnerability in the following version:\nQuMagie 2.9.1 and later",
    "published": "2026-06-09T06:20:47.247Z",
    "modified": "2026-06-09T06:20:47.247Z",
    "type": "cve",
    "title": "QuMagie",
    "source": "qnap",
    "references": "https://www.qnap.com/en/security-advisory/qsa-26-35",
    "id": "CVE-2026-44083",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "QNAP Systems Inc. QuMagie 2.9.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "QuMagie",
    "version": "2.9.0",
    "vendor": "QNAP Systems Inc.",
    "ai_description": "Authorization bypass vulnerability allowing remote attackers to gain unintended privileges",
    "ai_severity": "High",
    "ai_vendor": "QNAP Systems Inc.",
    "ai_product": "QuMagie",
    "ai_version": "2.9.0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply