CVE-2025-66276
CRITICALDescription
QuTS hero is not affected. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Affected Products
| Vendor | Product |
|---|---|
| qnap | qts |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-66276? +
How severe is CVE-2025-66276? +
What products are affected by CVE-2025-66276? +
How do I check if I'm vulnerable to CVE-2025-66276? +
Related Vulnerabilities
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could …
A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow …
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow remote …
An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized …
Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by …
An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability …