Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2025-29900

File Station 5_CVE-2025-29900

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user...

QNAP Systems Inc. File Station 5 5.5.x CVE
HIGH 7.1 CVE-2025-30260

Qsync Central_CVE-2025-30260

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user ...

QNAP Systems Inc. Qsync Central 4.5.x.x CVE
HIGH 7.1 CVE-2025-22483

License Center_CVE-2025-22483

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an admini...

QNAP Systems Inc. License Center 1.8.x CVE
HIGH 7.1 CVE-2025-29875

File Station 5_CVE-2025-29875

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then explo...

QNAP Systems Inc. File Station 5 5.5.x CVE
HIGH 7.5 CVE-2025-55763

CVE-2025-55763_CVE-2025-55763

Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (latest) allows a remote attacker to achieve remote code execution via a crafted HT...

n/a n/a n/a CVE
HIGH 7.1 CVE-2025-30261

Qsync Central_CVE-2025-30261

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user ...

QNAP Systems Inc. Qsync Central 5.0.x.x CVE
HIGH 7.7 CVE-2025-30264

QTS, QuTS hero_CVE-2025-30264

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, th...

QNAP Systems Inc. QTS 5.2.x CVE
HIGH 7.1 CVE-2025-30273

QTS, QuTS hero_CVE-2025-30273

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account,...

QNAP Systems Inc. QTS 5.2.x CVE
HIGH 8.3 CVE-2025-30277

Qsync Central_CVE-2025-30277

An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can the...

QNAP Systems Inc. Qsync Central 4.5.x.x CVE
HIGH 8.3 CVE-2025-30278

Qsync Central_CVE-2025-30278

An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can the...

QNAP Systems Inc. Qsync Central 4.5.x.x CVE