Friday, 10 July 2026

QNAP company releases security updates

QNAP has notified its users of security vulnerabilities affecting QNAP products. A remote attacker can exploit these vulnerabilities (CVE-2025-59382, CVE-2025-62858, CVE-2025-66273, CVE-2025-66279, CVE-2025-66280, CVE-2025-66281, CVE-2026-22893, CVE-2025-68405, CVE-2026-26240, CVE-2026-26239, CVE-2026-26241, CVE-2026-24724, CVE-2026-22899, CVE-2026-24720, CVE-2026-24719, CVE-2026-24716, CVE-2026-24717) to trigger elevation of privilege, arbitary code execution, denial of service condition, sensitive information disclosure and security restrictions bypass on the targeted system.

Fixes have been added to the following versions of QNAP products to eliminate these vulnerabilities: QTS 5.2.9.3499, QuTS hero h5.2.9, QuTS cloud c5.2.9, QVP 2.8.0

More information on vulnerabilities and updates is available in QNAP security advisories – qnap.com.

01 July 2026

-
11