QTS
CVE-2025-66276

9.2CRITICAL

Key Information:

Vendor

QNAP
Status
Qts
Quts Hero
Vendor
CVE Published:
10 June 2026

What is CVE-2025-66276?

QuTS hero is not affected.

We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later

Affected Version(s)

QTS 5.2.0 < 5.2.7.3256 build 20250913

QuTS hero ?

References

https://www.qnap.com/en/security-advisory/qsa-25-56

CVSS V4

Score:
9.2
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

VĂ­ctor A. Morales
.