Skip to main content
CVE-2025-52426 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. [CVSS 4.9 MEDIUM]

Qnap Null Pointer Dereference Quts Hero Qts
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-54166 MEDIUM This Month

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. [CVSS 4.9 MEDIUM]

Qnap Qts Quts Hero
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-54165 MEDIUM This Month

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. [CVSS 4.9 MEDIUM]

Qnap Quts Hero Qts
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-54164 MEDIUM This Month

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. [CVSS 4.9 MEDIUM]

Qnap Qts Quts Hero
NVD
CVSS 3.1
4.9
EPSS
0.1%
CVE-2025-59380 MEDIUM This Month

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. [CVSS 4.9 MEDIUM]

Qnap Path Traversal Qts Quts Hero
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-69284 MEDIUM This Month

Plane is an an open-source project management tool. In plane.io, a guest user doesn't have a permission to access https[:]//app[.]plane[.]so/[:]slug/settings. [CVSS 4.3 MEDIUM]

Authentication Bypass Plane
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy