Buffer Overflow Vulnerability in QNAP File Station
CVE-2026-26239

6.3MEDIUM

Key Information:

Vendor

QNAP

Vendor
CVE Published:
10 June 2026

What is CVE-2026-26239?

A buffer overflow vulnerability has been identified in QNAP's File Station software. If an attacker obtains a valid user account, they can exploit this vulnerability to alter memory allocations, potentially leading to denial of service or unauthorized modifications within the system. The issue has been addressed in File Station version 5.5.6.5208 and later, ensuring enhanced security for users. It is crucial for users to update their software to mitigate potential risks.

Affected Version(s)

File Station 5 5.5.0 < 5.5.6.5208

References

CVSS V4

Score:
6.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Moritz Abrell, SySS GmbH
.