PatchSiren cyber security CVE debrief
CVE-2025-58468 QNAP Systems Inc. CVE debrief
A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. The vulnerability has already been fixed in Notification Center 1.10.0.3291 and later.
- Vendor
- QNAP Systems Inc.
- Product
- Notification Center
- CVSS
- MEDIUM 5.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-10
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-10
- Advisory updated
- 2026-06-10
Who should care
Users of Notification Center versions prior to 1.10.0.3291
Technical summary
CVE-2025-58468 is a medium-severity (CVSS Score: 5.1) cross-site request forgery (CSRF) vulnerability affecting Notification Center. This vulnerability allows remote attackers to exploit the issue to gain privileges or hijack user identities.
Defensive priority
MEDIUM
Recommended defensive actions
- Update Notification Center to version 1.10.0.3291 or later
Evidence notes
The CVE-2025-58468 vulnerability has been confirmed to affect Notification Center. QNAP has released a security advisory (see resourceLinkAnnotations 'ref-4') detailing the issue and the fixed version.
Official resources
-
CVE-2025-58468 CVE record
CVE.org
-
CVE-2025-58468 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2025-58468 was published on 2026-06-10T03:16:24.377Z and modified on 2026-06-10T19:43:28.857Z.