Skip to content

Commit 41f856f

Browse files
1 parent fe2fe44 commit 41f856f

3 files changed

Lines changed: 106 additions & 0 deletions

File tree

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-67cg-rrvw-5r8m",
4+
"modified": "2026-06-10T03:32:03Z",
5+
"published": "2026-06-10T03:32:03Z",
6+
"aliases": [
7+
"CVE-2025-66276"
8+
],
9+
"details": "QuTS hero is not affected.\n\nWe have already fixed the vulnerability in the following version:\nQTS 5.2.7.3256 build 20250913 and later",
10+
"severity": [
11+
{
12+
"type": "CVSS_V4",
13+
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66276"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://www.qnap.com/en/security-advisory/qsa-25-56"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [],
29+
"severity": "CRITICAL",
30+
"github_reviewed": false,
31+
"github_reviewed_at": null,
32+
"nvd_published_at": "2026-06-10T03:16:24Z"
33+
}
34+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-g758-jg83-j6jj",
4+
"modified": "2026-06-10T03:32:03Z",
5+
"published": "2026-06-10T03:32:02Z",
6+
"aliases": [
7+
"CVE-2025-58468"
8+
],
9+
"details": "A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities.\n\nWe have already fixed the vulnerability in the following version:\nNotification Center 1.10.0.3291 and later",
10+
"severity": [
11+
{
12+
"type": "CVSS_V4",
13+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58468"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://www.qnap.com/en/security-advisory/qsa-26-13"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-352"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T03:16:24Z"
35+
}
36+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-vwqw-r29w-hrg7",
4+
"modified": "2026-06-10T03:32:03Z",
5+
"published": "2026-06-10T03:32:03Z",
6+
"aliases": [
7+
"CVE-2025-59382"
8+
],
9+
"details": "QTS, QuTS hero, QuTScloud are not affected.\n\nWe have already fixed the vulnerability in the following version:",
10+
"severity": [
11+
{
12+
"type": "CVSS_V4",
13+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59382"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://www.qnap.com/en/security-advisory/qsa-26-10"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-472"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T03:16:24Z"
35+
}
36+
}

0 commit comments

Comments
 (0)