Every CVE whose affected-product data names Qnap File Station, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (54)
CVE-2026-26240 — CVSS 9.1 (critical): A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to…
CVE-2026-26241 — CVSS 9.1 (critical): A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to…
CVE-2024-48864 — CVSS 9.1 (critical): A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the…
CVE-2025-33031 — CVSS 8.8 (high): An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account…
CVE-2025-30279 — CVSS 8.8 (high): An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account…
CVE-2025-22486 — CVSS 8.8 (high): An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow…
CVE-2025-29883 — CVSS 8.8 (high): An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow…
CVE-2025-29885 — CVSS 8.8 (high): An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow…
CVE-2025-57707 — CVSS 8.8 (high): An improper neutralization of directives in statically saved code ('Static Code Injection') vulnerability has been reported to affect File…
CVE-2025-29884 — CVSS 8.8 (high): An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow…
CVE-2026-24724 — CVSS 8.1 (high): An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can…
CVE-2025-47206 — CVSS 8.1 (high): An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then…
CVE-2026-26239 — CVSS 8.1 (high): A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then…
CVE-2025-57713 — CVSS 7.5 (high): A weak authentication vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to…
CVE-2025-22490 — CVSS 7.5 (high): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-29872 — CVSS 7.5 (high): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-29873 — CVSS 7.5 (high): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-29876 — CVSS 7.5 (high): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-29877 — CVSS 7.5 (high): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-66278 — CVSS 6.5 (medium): A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit…
CVE-2025-29900 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-29901 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-29890 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-29889 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-33035 — CVSS 6.5 (medium): A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit…
CVE-2025-29888 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-47207 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect several product versions. If a remote attacker gains a user account…
CVE-2025-52865 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-53408 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-53409 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-53410 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-29899 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-53412 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-53413 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-29874 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-29875 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-29878 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2026-24720 — CVSS 6.5 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker…
CVE-2025-54169 — CVSS 6.5 (medium): An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then…
CVE-2026-22899 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can…
CVE-2025-29886 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-29879 — CVSS 6.5 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-62853 — CVSS 6.5 (medium): A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit…
CVE-2025-62854 — CVSS 6.5 (medium): An uncontrolled resource consumption vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account…
CVE-2026-22894 — CVSS 6.5 (medium): A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit…
CVE-2025-29871 — CVSS 5.5 (medium): An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they…
CVE-2025-57706 — CVSS 5.4 (medium): A cross-site scripting (XSS) vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can…
CVE-2025-53411 — CVSS 4.9 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-54161 — CVSS 4.9 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-54155 — CVSS 4.9 (medium): An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker…
CVE-2025-54163 — CVSS 4.9 (medium): A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account…
CVE-2025-54162 — CVSS 4.9 (medium): A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can…
CVE-2025-62855 — CVSS 4.4 (medium): A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can…
CVE-2025-62856 — CVSS 4.4 (medium): A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can…