A security vulnerability in Qnap QTS versions 4.3.x prior to 5.2.x enables attackers to bypass security policies, according to a security advisory published on January 30, 2026. The vulnerability, referenced as CVE-2025-66276, allows unauthorized access by exploiting weaknesses in the system’s security framework. Qnap advises users to apply updates detailed in their security bulletin (qsa-25-56) released on January 29, 2026, to mitigate the risk. Affected systems include all QTS versions 4.3.x up to 5.2.x. The French National Cybersecurity Agency (ANSSI) and other government resources are listed for additional information.
Summary of content from
https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0104/
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.