NULL Pointer Dereference Vulnerability in QNAP File Station
CVE-2026-22899
1.3LOW
What is CVE-2026-22899?
A NULL pointer dereference vulnerability has been identified in QNAP’s File Station 6 product. This vulnerability allows a remote attacker, who has gained user account access, to exploit the flaw and potentially initiate a denial-of-service (DoS) attack. Users are advised to update to File Station version 5.5.6.5208 or later to mitigate any risk associated with this vulnerability.
Affected Version(s)
File Station 5 5.5.0 < 5.5.6.5208