PatchSiren cyber security CVE debrief
CVE-2026-26239 Qnap CVE debrief
A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
- Vendor
- Qnap
- Product
- File Station
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-10
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-10
- Advisory updated
- 2026-06-12
Who should care
Administrators and users of QNAP File Station 5, especially those with remote access or user accounts.
Technical summary
The vulnerability is a buffer overflow issue in File Station 5, which can be exploited by a remote attacker with a user account to modify memory or crash processes. The CVSS score for this vulnerability is 8.7, indicating a high severity.
Defensive priority
High
Recommended defensive actions
- Update File Station 5 to version 5.5.6.5208 or later.
Evidence notes
The vulnerability has been fixed in File Station 5 version 5.5.6.5208 and later.
Official resources
-
CVE-2026-26239 CVE record
CVE.org
-
CVE-2026-26239 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
[email protected] - Broken Link
CVE-2026-26239 was published on 2026-06-10T04:17:21.290Z and modified on 2026-06-12T12:53:47.567Z.